GCVE - cpe:2.3:a:red_hat,_inc.:389-ds-base:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:red_hat,_inc.:389-ds-base:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Red Hat, Inc. (`955c0640-1cfb-5fef-a58d-675724883b3d`)
Product	389 Ds Base (`aea12155-6942-5a8d-9004-fc59d9d5fc50`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-1054`	vulnerable	2026-06-03 14:38:30.144061	Details available An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service. Published: 2018-03-07T13:00:00.000Z Updated: 2024-09-17T00:11:04.061Z Open on db.gcve.eu Reference links https://pagure.io/389-ds-base/issue/49545 https://bugzilla.redhat.com/show_bug.cgi?id=1537314 https://access.redhat.com/errata/RHSA-2018:0414 https://access.redhat.com/errata/RHSA-2018:0515 https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15135`	vulnerable	2026-06-03 14:36:45.403865	Details available It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the authentication process under very rare and specific circumstances. Published: 2018-01-24T15:00:00.000Z Updated: 2024-08-05T19:50:16.357Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/102811 https://bugzilla.redhat.com/show_bug.cgi?id=1525628 https://access.redhat.com/errata/RHSA-2018:0414 https://access.redhat.com/errata/RHSA-2018:0515 http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15134`	vulnerable	2026-06-03 14:36:45.401412	Details available A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service. Published: 2018-03-01T21:00:00.000Z Updated: 2024-09-16T23:06:25.183Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2018:0163 https://pagure.io/389-ds-base/c/6aa2acdc3cad9 https://bugzilla.redhat.com/show_bug.cgi?id=1531573 http://www.securityfocus.com/bid/102790 https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.