USN-5231-1 389-ds-base vulnerabilities

It was discovered that 389 Directory Server presented to users, during authentication, an error message which could be used to discover if a certain LDAP DN existed or not. A remote unauthenticated attacker could possibly use this to check the existence of an entry in a LDAP database and expose...

DEBIAN-CVE-2021-3514

When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash...