OpenLDAP 2.4.59

CPE Details

OpenLDAP 2.4.59
openldap
openldap
2.4.59
2021-06-15
16h06 +00:00
2021-06-21
13h49 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:openldap:openldap:2.4.59:*:*:*:*:*:*:*

Informations

Vendor

openldap

Product

openldap

Version

2.4.59

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-29155 2022-05-04 17h06 +00:00 In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.
9.8
Critique
CVE-2015-3276 2015-12-07 19h00 +00:00 The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.
7.5
Haute
CVE-2005-2069 2005-06-29 02h00 +00:00 pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
5