CVE
CVE-2020-36222
| CVE ID |
CVE-2020-36222
|
|---|---|
| CVSS Score |
7.5
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
openldap-2.4.44-25_ol001.el7_9
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
A flaw was discovered in OpenLDAP before 2.4.57 leading to integer underflow in slapd in the serialNumberAndIssuerCheck and serialNumberAndIssuerSerialCheck functions in schema_init.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to assertion failures in slapd in the authzPrettyNormal function in saslauthz.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a crash in slapd in the slap_free_ctrls function in controls.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to invalid pointer access in slapd in the authzPrettyNormal function in saslauthz.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free in slapd in the dnPretty function in dn.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a crash in slapd in the slap_parse_user function in saslauthz.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to an integer underflow in slapd in the certificateListExactNormalize function in schema_init.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a crash in slapd in the issuerAndThisUpdateCheck function in schema_init.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a segmentation fault in slapd in the slap_bv2undef_ad function in ad.c, resulting in denial of service.
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.