CLSA-2026-1777310722

Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777310722.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1777310722
Upstream
Published
2026-04-27T17:25:27Z
Modified
2026-05-27T11:18:31.677422695Z
Summary
openldap: Fix of 15 CVEs
Details
  • CVE-2019-13565: SASL session encryption SSF not reset on new connection, allowing downgrade
  • CVE-2020-12243: slapd crash via deeply nested LDAP search filter boolean expressions
  • CVE-2020-25692: NULL pointer dereference in slapd during modRDN request
  • CVE-2020-25709: slapd assertion failure via crafted certificate list validation
  • CVE-2020-25710: slapd assertion failure in obsolete csnNormalize23
  • CVE-2020-36221: slapd integer underflow crash in Certificate Exact Assertion processing
  • CVE-2020-36222: slapd assertion failure in saslAuthzTo validation
  • CVE-2020-36223: slapd double free crash in Values Return Filter control handling
  • CVE-2020-36224: slapd invalid pointer free and crash in saslAuthzTo processing
  • CVE-2020-36225: slapd double free crash in saslAuthzTo processing
  • CVE-2020-36226: slapd memch->bv_len miscalculation and crash in saslAuthzTo processing
  • CVE-2020-36227: slapd infinite loop via cancel_extop Cancel operation
  • CVE-2020-36228: slapd integer underflow crash in Certificate List Exact Assertion processing
  • CVE-2020-36229: slapd crash in X.509 DN parsing ad_keystring via ldap_X509dn2bv
  • CVE-2020-36230: slapd assertion failure in X.509 DN parsing ber_next_element in decode.c
References

Affected packages

TuxCare:CentOS:8.5 / openldap

Package

Name
openldap
Purl
pkg:rpm/tuxcare/openldap?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.46-18.el8.tuxcare.els4

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777310722.json"

TuxCare:CentOS:8.5 / openldap-clients

Package

Name
openldap-clients
Purl
pkg:rpm/tuxcare/openldap-clients?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.46-18.el8.tuxcare.els4

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777310722.json"

TuxCare:CentOS:8.5 / openldap-devel

Package

Name
openldap-devel
Purl
pkg:rpm/tuxcare/openldap-devel?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.46-18.el8.tuxcare.els4

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777310722.json"

TuxCare:CentOS:8.5 / openldap-servers

Package

Name
openldap-servers
Purl
pkg:rpm/tuxcare/openldap-servers?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.46-18.el8.tuxcare.els4

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777310722.json"