389-ds-base vulnerabilities

Known vulnerabilities in the 389-ds-base package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2024-8445	*
L CVE-2024-6237	*
L Improper Validation of Consistency within Input	*
L Improper Input Validation	*
L CVE-2024-3657	*
L Heap-based Buffer Overflow	*
L Improper Certificate Validation	*
L NULL Pointer Dereference	*
L Authorization Bypass Through User-Controlled Key	*
L Improper Authentication	*
L CVE-2022-0918	*
L Double Free	*
L CVE-2021-3652	*
M NULL Pointer Dereference	<1.4.4.11-2
M Information Exposure	<1.4.4.10-1
M Incorrect Permission Assignment for Critical Resource	<1.4.2.4-1
M Information Exposure	<1.4.1.5-1
H Missing Release of Resource after Effective Lifetime	<1.4.1.5-1
H Resource Exhaustion	<1.4.0.18-1
M Improper Input Validation	<1.4.0.15-1
H Improper Input Validation	<1.4.0.18-1
H Double Free	<1.4.0.18-1
H Cleartext Storage of Sensitive Information	<1.4.0.15-1
M NULL Pointer Dereference	<1.3.5.17-1
M Race Condition	<1.4.0.15-1
H Out-of-Bounds	<1.3.8.2-1
H Out-of-bounds Read	<1.3.5.15-2
H Out-of-bounds Read	<1.3.7.10-1
H Out-of-Bounds	<1.3.7.9-1
H Improper Authentication	<1.3.7.9-1
H Improper Access Control	<1.3.3.10-1
C Weak Password Recovery Mechanism for Forgotten Password	<1.3.6.7-1
L Information Exposure	*
H Information Exposure	<1.3.5.13-1
C Information Management Errors	<1.3.5.15-1
H Resource Management Errors	<1.3.4.8-1
H Security Features	<1.3.3.12-1
M Information Exposure	<1.3.3.5-4
M Information Exposure	<1.3.3.5-4
M Improper Input Validation	<1.3.2.9-1
M Information Exposure	<1.3.2.21-1
M Improper Authentication	<1.3.2.9-1.1
M Improper Input Validation	<1.3.2.9-1
M Improper Input Validation	<1.3.2.9-1
M Access Restriction Bypass	<1.3.2.9-1
L Access Restriction Bypass	<1.3.2.9-1
M Numeric Errors	<1.3.0.3-1
M Access Restriction Bypass	<1.2.11.15-1

Vulnerability

Vulnerable Version

CVE-2024-8445