| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-8445 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all ... |
| CVE-2024-6237 | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | A flaw was found in the 389 Directory Server. This flaw allows an unau ... |
| CVE-2024-5953 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | A denial of service vulnerability was found in the 389-ds-base LDAP se ... |
| CVE-2024-3657 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | A flaw was found in 389-ds-base. A specially-crafted LDAP query can po ... |
| CVE-2024-2199 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | A denial of service vulnerability was found in 389-ds-base ldap server ... |
| CVE-2024-1062 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A heap overflow flaw was found in 389-ds-base. This issue leads to a d ... |
| CVE-2023-1055 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP t ... |
| CVE-2022-2850 | vulnerable | vulnerable | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found In 389-ds-base. When the Content Synchronization plug ... |
| CVE-2022-1949 | vulnerable | vulnerable | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | An access control bypass vulnerability found in 389-ds-base. That mish ... |
| CVE-2022-0996 | vulnerable | vulnerable | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A vulnerability was found in the 389 Directory Server that allows expi ... |
| CVE-2022-0918 | vulnerable | vulnerable | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A vulnerability was discovered in the 389 Directory Server that allows ... |
| CVE-2021-4091 | vulnerable | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A double-free was found in the way 389-ds-base handles virtual attribu ... |
| CVE-2021-3652 | vulnerable | vulnerable (no DSA) | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in 389-ds-base. If an asterisk is imported as passwor ... |
| CVE-2021-3514 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | When using a sync_repl client in 389-ds-base, an authenticated attacke ... |
| CVE-2020-35518 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | When binding against a DN during authentication, the reply from 389-ds ... |
| CVE-2019-14824 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A flaw was found in the 'deref' plugin of 389-ds-base where it could u ... |
| CVE-2019-3883 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In 389-ds-base up to version 1.4.1.2, requests are handled by workers ... |
| CVE-2018-14648 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A flaw was found in 389 Directory Server. A specially crafted search q ... |
| CVE-2018-14638 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ... |
| CVE-2018-14624 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A vulnerability was discovered in 389-ds-base through versions 1.3.7.1 ... |
| CVE-2018-10935 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A flaw was found in the 389 Directory Server that allows users to caus ... |
| CVE-2018-10871 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Clear ... |
| CVE-2018-10850 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race ... |
| CVE-2018-1089 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | 389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properl ... |
| CVE-2018-1054 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An out-of-bounds memory read flaw was found in the way 389-ds-base han ... |
| CVE-2017-15134 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x ... |
| CVE-2017-7551 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to pass ... |
| CVE-2016-5405 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ... |
| CVE-2016-4992 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ... |
| Bug | Description |
|---|
| CVE-2019-10224 | A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. ... |
| CVE-2019-10171 | It was found that the fix for CVE-2018-14648 in 389-ds-base, versions ... |
| CVE-2017-15135 | It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0. ... |
| CVE-2017-2668 | 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an ... |
| CVE-2017-2591 | 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL t ... |
| CVE-2016-0741 | slapd/connection.c in 389 Directory Server (formerly Fedora Directory ... |
| CVE-2015-3230 | 389 Directory Server (formerly Fedora Directory Server) before 1.3.3.1 ... |
| CVE-2015-1854 | 389 Directory Server before 1.3.3.10 allows attackers to bypass intend ... |
| CVE-2014-8112 | 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x bef ... |
| CVE-2014-8105 | 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does n ... |
| CVE-2014-3562 | Red Hat Directory Server 8 and 389 Directory Server, when debugging is ... |
| CVE-2014-0132 | The SASL authentication functionality in 389 Directory Server before 1 ... |
| CVE-2013-4485 | 389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8. ... |
| CVE-2013-4283 | ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attacker ... |
| CVE-2013-2219 | The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server ... |
| CVE-2013-1897 | The do_search function in ldap/servers/slapd/search.c in 389 Directory ... |
| CVE-2013-0336 | The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ ... |
| CVE-2013-0312 | 389 Directory Server before 1.3.0.4 allows remote attackers to cause a ... |
| CVE-2012-4450 | 389 Directory Server 1.2.10 does not properly update the ACL when a DN ... |
| CVE-2012-2746 | 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server bef ... |
| CVE-2012-2678 | 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server bef ... |
| CVE-2012-0833 | The acllas__handle_group_entry function in servers/plugins/acl/acllas. ... |