Vulnerabilities > Openldap > Openldap > 2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-30 | CVE-2023-2953 | NULL Pointer Dereference vulnerability in multiple products A vulnerability was found in openldap. | 7.5 |
2022-05-04 | CVE-2022-29155 | SQL Injection vulnerability in multiple products In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. | 9.8 |
2021-05-28 | CVE-2020-25710 | Reachable Assertion vulnerability in multiple products A flaw was found in OpenLDAP in versions before 2.4.56. | 7.5 |
2021-05-18 | CVE-2020-25709 | Reachable Assertion vulnerability in multiple products A flaw was found in OpenLDAP. | 7.5 |
2020-12-08 | CVE-2020-25692 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. | 7.5 |
2020-07-14 | CVE-2020-15719 | Improper Certificate Validation vulnerability in multiple products libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. | 4.0 |
2020-04-28 | CVE-2020-12243 | Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | 5.0 |
2020-01-02 | CVE-2014-8182 | Off-by-one Error vulnerability in multiple products An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. | 4.3 |
2019-07-26 | CVE-2019-13565 | An issue was discovered in OpenLDAP 2.x before 2.4.48. | 7.5 |
2019-07-26 | CVE-2019-13057 | An issue was discovered in the server in OpenLDAP before 2.4.48. | 3.5 |