CVSS: 7.5EPSS: 3%CPEs: 22EXPL: 0CVE-2020-36222
https://notcve.org/view.php?id=CVE-2020-36222
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando a un fallo de aserción en slapd en la comprobación de saslAuthzTo, resultando en una denegación de servicio • http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9406 https://bugs.openldap.org/show_bug.cgi?id=9407 https://git.openldap.org/openldap/openldap/-/commit/02dfc32d658fadc25e4040f78e36592f6e1e1ca0 https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed.a • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 22EXPL: 0CVE-2020-36224
https://notcve.org/view.php?id=CVE-2020-36224
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando a la liberación de un puntero no válido y un bloqueo de slapd en el procesamiento saslAuthzTo, resultando en una denegación de servicio • http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9409 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/comm • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-36226
https://notcve.org/view.php?id=CVE-2020-36226
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando un cálculo inapropiado de memch-)bv_len y un bloqueo de slapd en el procesamiento de saslAuthzTo, resultando en una denegación de servicio • http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9413 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/comm •
CVSS: 7.5EPSS: 4%CPEs: 22EXPL: 0CVE-2020-36229
https://notcve.org/view.php?id=CVE-2020-36229
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. Se detectó un fallo en ldap_X509dn2bv en OpenLDAP versiones anteriores a 2.4.57, conllevando un bloqueo de slapd en el análisis del DN X.509 en ad_keystring, resultando en una denegación de servicio • http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9425 https://git.openldap.org/openldap/openldap/-/commit/4bdfffd2889c0c5cdf58bebafbdc8fce4bb2bff0 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2020-36230
https://notcve.org/view.php?id=CVE-2020-36230
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando en un fallo de aserción en slapd en el análisis de DN X.509 en ber_next_element del archivo decode.c, resultando en una denegación de servicio • http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9423 https://git.openldap.org/openldap/openldap/-/commit/8c1d96ee36ed98b32cd0e28b7069c7b8ea09d793 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org • CWE-617: Reachable Assertion •