2 matches found
ALSA-2026:26459 Important: 389-ds:1.4 security update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: 389-ds-base: unbounded LDAP controls count in...
CVE-2026-9064
The CVE-2026-9064 issue affects the 389-ds-base LDAP server. The get_ldapmessage_controls_ext() function does not bound the number of LDAP message controls, allowing a remote, unauthenticated attacker to send requests with hundreds of thousands of minimal controls within the default BER size (2 M...