Redhat » 389 Directory Server : Security Vulnerabilities, CVEs, CVSS score >= 6
The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query.
Max CVSS
7.5
EPSS Score
0.10%
Published
2019-11-05
Updated
2019-11-08
A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort.
Max CVSS
6.5
EPSS Score
3.44%
Published
2018-09-11
Updated
2019-10-09
When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.
Max CVSS
6.5
EPSS Score
0.06%
Published
2021-05-28
Updated
2023-04-24
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
Max CVSS
6.5
EPSS Score
0.14%
Published
2022-03-23
Updated
2023-04-24
4 vulnerabilities found