OpenLDAP 2.5.0 Alpha

CPE Details

OpenLDAP 2.5.0 Alpha
2.5.0
2021-02-18
13h58 +00:00
2021-02-18
13h58 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openldap:openldap:2.5.0:alpha:*:*:*:*:*:*

Informations

Vendor

openldap

Product

openldap

Version

2.5.0

Update

alpha

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-29155 2022-05-04 17h06 +00:00 In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.
9.8
Critical
CVE-2021-27212 2021-02-14 01h53 +00:00 In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.
7.5
High
CVE-2005-2069 2005-06-29 02h00 +00:00 pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
5