Python LDAP vulnerability

2022-07-1100:00:00

ubuntu.com

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.7 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

49.6%

JSON

Releases

Ubuntu 22.04 LTS
Ubuntu 21.10
Ubuntu 20.04 LTS
Ubuntu 18.04 ESM

Packages

python-ldap - LDAP interface module for Python

Details

It was discovered that Python LDAP incorrectly handled certain regular expressions.
An remote attacker could possibly use this issue to cause a denial of service.

OSVersionArchitecturePackageVersionFilename
Ubuntu22.04noarchpython3-pyldap< 3.2.0-4ubuntu7.1UNKNOWN
Ubuntu22.04noarchpython3-ldap< 3.2.0-4ubuntu7.1UNKNOWN
Ubuntu22.04noarchpython3-ldap-dbg< 3.2.0-4ubuntu7.1UNKNOWN
Ubuntu21.10noarchpython3-pyldap< 3.2.0-4ubuntu5.1UNKNOWN
Ubuntu21.10noarchpython3-ldap< 3.2.0-4ubuntu5.1UNKNOWN
Ubuntu21.10noarchpython3-ldap-dbg< 3.2.0-4ubuntu5.1UNKNOWN
Ubuntu20.04noarchpython3-pyldap< 3.2.0-4ubuntu2.1UNKNOWN
Ubuntu20.04noarchpython3-ldap< 3.2.0-4ubuntu2.1UNKNOWN
Ubuntu20.04noarchpython3-ldap-dbg< 3.2.0-4ubuntu2.1UNKNOWN
Ubuntu18.04noarchpython3-pyldap< 3.0.0-1ubuntu0.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	22.04	noarch	python3-pyldap	< 3.2.0-4ubuntu7.1	UNKNOWN
Ubuntu	22.04	noarch	python3-ldap	< 3.2.0-4ubuntu7.1	UNKNOWN
Ubuntu	22.04	noarch	python3-ldap-dbg	< 3.2.0-4ubuntu7.1	UNKNOWN
Ubuntu	21.10	noarch	python3-pyldap	< 3.2.0-4ubuntu5.1	UNKNOWN
Ubuntu	21.10	noarch	python3-ldap	< 3.2.0-4ubuntu5.1	UNKNOWN
Ubuntu	21.10	noarch	python3-ldap-dbg	< 3.2.0-4ubuntu5.1	UNKNOWN
Ubuntu	20.04	noarch	python3-pyldap	< 3.2.0-4ubuntu2.1	UNKNOWN
Ubuntu	20.04	noarch	python3-ldap	< 3.2.0-4ubuntu2.1	UNKNOWN
Ubuntu	20.04	noarch	python3-ldap-dbg	< 3.2.0-4ubuntu2.1	UNKNOWN
Ubuntu	18.04	noarch	python3-pyldap	< 3.0.0-1ubuntu0.2	UNKNOWN