AVG-2206 log
| Package | 389-ds-base |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 2.0.3-2 |
| Fixed | 2.0.7-1 |
| Current | 3.1.1-1 [extra] |
| Ticket | None |
| Created | Thu Jul 22 08:22:45 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-3652 | Medium | Yes | Authentication bypass | In 389-ds-base before version 2.0.7, it was found that if an asterisk is imported as a password hash, either accidentally or maliciously, then instead of... |
| CVE-2021-3514 | Low | Yes | Denial of service | A security issue was found in 389-ds-base before version 2.0.5. When using a sync_repl client, an authenticated attacker can cause a NULL pointer... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 27 Jul 2021 | ASA-202107-72 | 389-ds-base | multiple issues |