Описание
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.4.45+dfsg-1ubuntu1.11 |
| devel | released | 2.5.12+dfsg-2ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2.4.31-1+nmu2ubuntu8.5+esm5 |
| esm-infra/bionic | not-affected | 2.4.45+dfsg-1ubuntu1.11 |
| esm-infra/focal | not-affected | 2.4.49+dfsg-2ubuntu1.9 |
| esm-infra/xenial | released | 2.4.42+dfsg-2ubuntu3.13+esm1 |
| focal | released | 2.4.49+dfsg-2ubuntu1.9 |
| impish | released | 2.5.6+dfsg-1~exp1ubuntu1.1 |
| jammy | released | 2.5.11+dfsg-1~exp1ubuntu3.1 |
| trusty/esm | released | 2.4.31-1+nmu2ubuntu8.5+esm5 |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection ...
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3