389-ds (SUSE:Linux Enterprise Server 15 SP5-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP5-LTSS package 389-ds, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2026-9064 — CVSS 7.5 (high): A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the…
CVE-2025-14905 — CVSS 7.2 (high): A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within…
CVE-2025-3416 — CVSS 3.7 (low): A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free…