389-ds (SUSE:Manager Server 4.1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Server 4.1 package 389-ds, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2021-4091 — CVSS 7.5 (high): A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series…
CVE-2022-0918 — CVSS 7.5 (high): A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to…
CVE-2022-1949 — CVSS 7.5 (high): An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that…
CVE-2022-0996 — CVSS 6.5 (medium): A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.