Vulnerabilities > CVE-2020-36224 - Release of Invalid Pointer or Reference vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
openldap
debian
apple
CWE-763

Summary

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Vulnerable Configurations

Part Description Count
Application
Openldap
56
OS
Debian
2
OS
Apple
30

Common Weakness Enumeration (CWE)

References