OpenLDAP 2.5.9

CPE Details

OpenLDAP 2.5.9
2.5.9
2022-05-12
14h46 +00:00
2022-05-13
13h10 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openldap:openldap:2.5.9:*:*:*:*:*:*:*

Informations

Vendor

openldap

Product

openldap

Version

2.5.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-29155 2022-05-04 17h06 +00:00 In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.
9.8
Critical
CVE-2005-2069 2005-06-29 02h00 +00:00 pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
5