Openldap Security Vulnerabilities and Issues — Openldap CVE List

Lucene search

OpenldapOpenldap

13 matches found

CVE•added 2021/02/14 3:15 a.m.•392 views

CVE-2021-27212

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.

7.5CVSS7.2AI score0.22798EPSS

CVE•added 2021/05/28 11:15 a.m.•303 views

CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

7.5CVSS7.2AI score0.06999EPSS

CVE•added 2021/05/18 12:15 p.m.•295 views

CVE-2020-25709

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

7.5CVSS7.2AI score0.12337EPSS

CVE•added 2021/01/26 6:15 p.m.•269 views

CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

7.5CVSS7.4AI score0.00753EPSS

CVE•added 2021/01/26 6:15 p.m.•257 views

CVE-2020-36229

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.

7.5CVSS7.3AI score0.01984EPSS

CVE•added 2021/01/26 6:15 p.m.•245 views

CVE-2020-36226

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5CVSS7.3AI score0.00608EPSS

CVE•added 2021/01/26 6:15 p.m.•241 views

CVE-2020-36224

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5CVSS7.4AI score0.00802EPSS

CVE•added 2021/01/26 6:15 p.m.•234 views

CVE-2020-36223

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

7.5CVSS7.3AI score0.07037EPSS

CVE•added 2021/01/26 6:15 p.m.•225 views

CVE-2020-36222

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

7.5CVSS7.3AI score0.37019EPSS

CVE•added 2021/01/26 6:15 p.m.•224 views

CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.

7.5CVSS7.3AI score0.65747EPSS

CVE•added 2021/01/26 6:15 p.m.•221 views

CVE-2020-36221

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

7.5CVSS7.4AI score0.47019EPSS

CVE•added 2021/01/26 6:15 p.m.•221 views

CVE-2020-36225

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5CVSS7.3AI score0.00802EPSS

CVE•added 2021/01/26 6:15 p.m.•221 views

CVE-2020-36227

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

7.5CVSS7.3AI score0.61408EPSS