389-ds (SUSE:Linux Enterprise Module for Server Applications 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Server Applications 15 SP2 package 389-ds, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2021-3514 — CVSS 6.5 (medium): When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted…
CVE-2021-3652 — CVSS 6.5 (medium): A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being…
CVE-2020-35518 — CVSS 5.3 (medium): When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be…