Every CVE whose affected-product data names Port389 389-ds-base, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-4091 — CVSS 7.5 (high): A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series…
CVE-2022-0918 — CVSS 7.5 (high): A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to…
CVE-2021-3652 — CVSS 6.5 (medium): A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being…
CVE-2022-2850 — CVSS 6.5 (medium): A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer…