Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged
Permalink CVE-2024-2199
5.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year, 3 months ago
389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c

A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.

References

Affected products

389-ds:1.4
  • *
389-ds-base
  • *
  • <3.1.1
redhat-ds:11
  • *
redhat-ds:12
  • *
389-ds:1.4/389-ds-base
redhat-ds:11/389-ds-base
redhat-ds:12/389-ds-base

Matching in nixpkgs

pkgs._389-ds-base

Enterprise-class Open Source LDAP server for Linux

Package maintainers