CLSA-2025-1758645818

Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758645818.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2025-1758645818
Upstream
Published
2026-04-23T20:31:57Z
Modified
2026-05-27T11:34:22.400201140Z
Summary
openldap: Fix of 14 CVEs
Details
  • Rebase to 2.4.58 to fix the following vulnerabilities:
  • CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions
  • CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing
  • CVE-2020-36223: fix slapd crash in the Values Return Filter control handling
  • CVE-2020-36226: fix slapd crash in the saslAuthzTo processing
  • CVE-2020-36228: fix slapd crash in the Certificate List Exact Assertion processing
  • CVE-2020-36225: fix double free and slapd crash in the saslAuthzTo processing
  • CVE-2020-36227: fix infinite loop in slapd with the cancel_extop Cancel operation
  • CVE-2020-36230: fix assertion failure in slapd in the X.509 DN parsing in decode.c
  • CVE-2020-25692: fix NULL pointer dereference during a request for renaming RDNs
  • CVE-2020-25709: fix assertion failure caused by processing a malicious packet
  • CVE-2020-36224: fix invalid pointer free and slapd crash in the saslAuthzTo processing
  • CVE-2020-36229: fix slapd crash in the X.509 DN parsing in ad_keystring
  • CVE-2020-25710: fix failed assertion in csnNormalize23()
  • CVE-2020-36222: fix assertion failure in slapd in the saslAuthzTo validation
References

Affected packages

TuxCare:CentOS:6 / openldap

Package

Name
openldap
Purl
pkg:rpm/tuxcare/openldap?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758645818.json"

TuxCare:CentOS:6 / openldap-clients

Package

Name
openldap-clients
Purl
pkg:rpm/tuxcare/openldap-clients?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758645818.json"

TuxCare:CentOS:6 / openldap-devel

Package

Name
openldap-devel
Purl
pkg:rpm/tuxcare/openldap-devel?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758645818.json"

TuxCare:CentOS:6 / openldap-servers

Package

Name
openldap-servers
Purl
pkg:rpm/tuxcare/openldap-servers?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758645818.json"

TuxCare:CentOS:6 / openldap-servers-sql

Package

Name
openldap-servers-sql
Purl
pkg:rpm/tuxcare/openldap-servers-sql?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758645818.json"