Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-DEBIAN10-OPENLDAP-304680
- published 29 Jun 2012
- disclosed 29 Jun 2012
How to fix?
openldap to version 2.4.31-1 or higher.
Note: Versions mentioned in the description apply only to the upstream
openldap package and not the
openldap package as distributed by
How to fix? for
Debian:10 relevant fixed versions and status.
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned.