Vulnerabilities > Fedoraproject > 389 Directory Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2019-10224 | Information Exposure vulnerability in Fedoraproject 389 Directory Server A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. | 4.6 |
| 2019-11-08 | CVE-2019-14824 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. | 6.5 |
| 2018-06-22 | CVE-2017-2668 | NULL Pointer Dereference vulnerability in multiple products 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. | 6.5 |
| 2018-06-13 | CVE-2018-10850 | Race Condition vulnerability in multiple products 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. | 5.9 |
| 2018-05-04 | CVE-2011-0704 | Improper Input Validation vulnerability in Fedoraproject 389 Directory Server 1.2.7.5 389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request. | 5.9 |