389-ds-base-libs (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package 389-ds-base-libs, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2022-0918 — CVSS 7.5 (high): A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to…
CVE-2024-3657 — CVSS 7.5 (high): A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a…
CVE-2025-14905 — CVSS 7.2 (high): A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within…
CVE-2024-6237 — CVSS 6.5 (medium): A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a…
CVE-2022-0996 — CVSS 6.5 (medium): A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
CVE-2022-2850 — CVSS 6.5 (medium): A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer…
CVE-2024-5953 — CVSS 5.7 (medium): A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server…
CVE-2024-2199 — CVSS 5.7 (medium): A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash…
CVE-2025-2487 — CVSS 4.9 (medium): A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when…