Vulnerabilities > Openldap > Openldap > 2.5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-04 | CVE-2022-29155 | SQL Injection vulnerability in multiple products In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. | 9.8 |
2021-02-14 | CVE-2021-27212 | Reachable Assertion vulnerability in multiple products In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. | 7.5 |