GCVE - cpe:2.3:a:n/a:openldap:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:openldap:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Openldap (`80fbb035-59f3-5bda-a4a5-e8b06fb98f27`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-2953`	vulnerable	2026-06-08 06:02:43.691660	Details available A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. Published: 2023-05-30T00:00:00.000Z Updated: 2025-01-10T21:28:27.261Z Open on db.gcve.eu Reference links https://bugs.openldap.org/show_bug.cgi?id=9904 https://access.redhat.com/security/cve/CVE-2023-2953 https://security.netapp.com/advisory/ntap-20230703-0005/ https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-25710`	vulnerable	2026-06-08 05:22:37.267688	Details available A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability. Published: 2021-05-28T10:20:20.000Z Updated: 2024-08-04T15:40:36.750Z Open on db.gcve.eu Reference links https://www.debian.org/security/2020/dsa-4792 https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html https://bugzilla.redhat.com/show_bug.cgi?id=1899678 https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-25709`	vulnerable	2026-06-08 05:22:37.250259	Details available A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. Published: 2021-05-18T11:51:42.000Z Updated: 2024-08-04T15:40:36.594Z Open on db.gcve.eu Reference links https://www.debian.org/security/2020/dsa-4792 https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html https://support.apple.com/kb/HT212147 http://seclists.org/fulldisclosure/2021/Feb/14 https://bugzilla.redhat.com/show_bug.cgi?id=1899675	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-25692`	vulnerable	2026-06-08 05:22:37.219557	Details available A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. Published: 2020-12-08T00:06:29.000Z Updated: 2024-08-04T15:40:36.777Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=1894567 https://security.netapp.com/advisory/ntap-20210108-0006/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.