CVE-2023-2953

Опубликовано: 30 мая 2023

Источник: debian

EPSS Низкий

Описание

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

Пакет	Статус	Версия исправления	Релиз	Тип
openldap	fixed	2.6.4+dfsg-1~exp1	experimental	package
openldap	fixed	2.5.16+dfsg-1		package
openldap	no-dsa		bookworm	package
openldap	no-dsa		bullseye	package
openldap	no-dsa		buster	package

https://bugs.openldap.org/show_bug.cgi?id=9904
https://git.openldap.org/openldap/openldap/-/commit/ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1 (master)
https://git.openldap.org/openldap/openldap/-/commit/3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915 (master)
https://git.openldap.org/openldap/openldap/-/commit/c5c8c06a8bd52ea7b843e7d8ca961a7d1800ce5f (OPENLDAP_REL_ENG_2_6_4)
https://git.openldap.org/openldap/openldap/-/commit/840944e26f734bb03d925f26c4ef11a6cedcbb9c (OPENLDAP_REL_ENG_2_6_4)
https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce (OPENLDAP_REL_ENG_2_5_14)
https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b (OPENLDAP_REL_ENG_2_5_14)

EPSS

Процентиль: 80%

0.01456

Низкий

CVE-2023-2953

CVSS3: 7.5

ubuntu

около 2 лет назад

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

CVE-2023-2953

CVSS3: 7.1

redhat

около 2 лет назад

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

CVE-2023-2953

CVSS3: 7.5

nvd

около 2 лет назад

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

CVE-2023-2953

CVSS3: 7.5

msrc

9 месяцев назад

Описание отсутствует

SUSE-SU-2023:2503-1

suse-cvrf

около 2 лет назад

Security update for openldap2

EPSS

Процентиль: 80%

0.01456

Низкий