Search CVE reports


Toggle filters

11 – 20 of 52 results


CVE-2020-36225

Medium priority

Some fixes available 12 of 13

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-36224

Medium priority

Some fixes available 12 of 13

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-36223

Medium priority

Some fixes available 12 of 13

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-36222

Medium priority

Some fixes available 12 of 13

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-36221

Medium priority

Some fixes available 12 of 13

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-25710

Medium priority
Fixed

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is...

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed
Show less packages

CVE-2020-25709

Medium priority
Fixed

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed
Show less packages

CVE-2020-25692

Medium priority
Fixed

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted...

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed
Show less packages

CVE-2020-15719

Low priority
Ignored

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed...

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Not affected Not affected Not affected
Show less packages

CVE-2020-12243

Medium priority
Fixed

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

1 affected package

openldap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap Fixed Fixed Fixed
Show less packages