Vulnerabilities > Openldap > Openldap > 2.4.48
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-04 | CVE-2022-29155 | SQL Injection vulnerability in multiple products In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. | 9.8 |
2021-05-28 | CVE-2020-25710 | Reachable Assertion vulnerability in multiple products A flaw was found in OpenLDAP in versions before 2.4.56. | 7.5 |
2021-05-18 | CVE-2020-25709 | Reachable Assertion vulnerability in multiple products A flaw was found in OpenLDAP. | 7.5 |
2020-12-08 | CVE-2020-25692 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. | 7.5 |
2020-04-28 | CVE-2020-12243 | Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | 5.0 |