3 matches found
CVE-2020-8023
CVE-2020-8023 affects openldap2 across multiple SUSE/SOLAS distributions (e.g., SUSE Enterprise Storage 5, SLES variants, openSUSE Leap 15.1/15.2, SAP editions, OpenStack Cloud). The issue is a local privilege escalation triggered by an acceptance of Extraneous Untrusted Data With Trusted Data in...
CVE-2020-8027
CVE-2020-8027 affects openldap2 on SLES15-LTSS, SLES15 for SAP, openSUSE Leap 15.1/15.2, with insecure temporary file handling due to openldap_update_modules_path.sh starting daemons and using fixed paths in /tmp. Affected openldap2 versions are prior to 2.4.46-9.37.1 (SLES), prior to 2.4.46-9.37...
CVE-2022-31253
CVE-2022-31253 covers an Untrusted Search Path vulnerability in openldap2 for openSUSE Factory. The issue allows a local attacker who has control of the ldap user or group to change ownership of arbitrary directory entries to that user/group, enabling escalation to root. Affected are openldap2 ve...