Vulnerabilities > Redhat > 389 Directory Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-6237 | Unspecified vulnerability in Redhat products A flaw was found in the 389 Directory Server. | 6.5 |
| 2022-03-23 | CVE-2022-0996 | Improper Authentication vulnerability in multiple products A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. | 6.5 |
| 2021-05-28 | CVE-2021-3514 | Unspecified vulnerability in Redhat 389 Directory Server When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash. | 6.5 |
| 2021-03-26 | CVE-2020-35518 | Information Exposure Through Discrepancy vulnerability in Redhat 389 Directory Server When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. | 5.3 |
| 2018-09-11 | CVE-2018-10935 | Improper Input Validation vulnerability in Redhat 389 Directory Server A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | 6.5 |