CVE-2024-1062

Source
https://cve.org/CVERecord?id=CVE-2024-1062
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-1062.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-1062
Downstream
Related
Published
2024-02-12T13:04:39.944Z
Modified
2026-07-11T03:53:33.054076237Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)
Details

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in logentryattr.

Database specific
{
    "cwe_ids": [
        "CWE-122"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/1xxx/CVE-2024-1062.json",
    "cna_assigner": "redhat"
}
References

Affected packages

Git / github.com/389ds/389-ds-base

Affected ranges

Type
GIT
Repo
https://github.com/389ds/389-ds-base
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "1.4.3.0"
        },
        {
            "fixed": "2.2.*"
        }
    ]
}

Affected versions

389-ds-base-1.*
389-ds-base-1.2.10.a1
389-ds-base-1.2.10.a2
389-ds-base-1.2.10.a3
389-ds-base-1.2.10.a4
389-ds-base-1.2.10.a5
389-ds-base-1.2.10.a6
389-ds-base-1.2.10.a7
389-ds-base-1.2.10.a8
389-ds-base-1.2.10.rc1
389-ds-base-1.2.11.a1
389-ds-base-1.2.3
389-ds-base-1.2.4
389-ds-base-1.2.5.a1
389-ds-base-1.2.5.rc1
389-ds-base-1.2.5.rc2
389-ds-base-1.2.5.rc3
389-ds-base-1.2.5.rc4
389-ds-base-1.2.6.a1
389-ds-base-1.2.6.a2
389-ds-base-1.2.6.a3
389-ds-base-1.2.6.a4
389-ds-base-1.2.6.rc1
389-ds-base-1.2.6.rc2
389-ds-base-1.2.6.rc3
389-ds-base-1.2.7
389-ds-base-1.2.7.1
389-ds-base-1.2.7.2
389-ds-base-1.2.7.3
389-ds-base-1.2.7.4
389-ds-base-1.2.7.a1
389-ds-base-1.2.7.a2
389-ds-base-1.2.7.a3
389-ds-base-1.2.7.a4
389-ds-base-1.2.7.a5
389-ds-base-1.2.8.a1
389-ds-base-1.2.8.a2
389-ds-base-1.2.9.0
389-ds-base-1.2.9.1
389-ds-base-1.2.9.2
389-ds-base-1.2.9.3
389-ds-base-1.2.9.4
389-ds-base-1.2.9.5
389-ds-base-1.2.9.a1
389-ds-base-1.2.9.a2
389-ds-base-1.3.0.a1
389-ds-base-1.3.0.rc1
389-ds-base-1.3.5.0
389-ds-base-1.3.5.1
389-ds-base-1.3.5.10
389-ds-base-1.3.5.11
389-ds-base-1.3.5.12
389-ds-base-1.3.5.13
389-ds-base-1.3.5.2
389-ds-base-1.3.5.3
389-ds-base-1.3.5.4
389-ds-base-1.3.5.5
389-ds-base-1.3.5.6
389-ds-base-1.3.5.7
389-ds-base-1.3.5.8
389-ds-base-1.3.5.9
389-ds-base-1.3.6.0
389-ds-base-1.3.6.1
389-ds-base-1.3.6.2
389-ds-base-1.3.6.3
389-ds-base-1.3.6.4
389-ds-base-1.3.7.0
389-ds-base-1.3.7.2
389-ds-base-1.3.7.3
389-ds-base-1.3.7.4
389-ds-base-1.4.0.0
389-ds-base-1.4.0.1
389-ds-base-1.4.0.10
389-ds-base-1.4.0.11
389-ds-base-1.4.0.12
389-ds-base-1.4.0.13
389-ds-base-1.4.0.14
389-ds-base-1.4.0.15
389-ds-base-1.4.0.16
389-ds-base-1.4.0.17
389-ds-base-1.4.0.18
389-ds-base-1.4.0.19
389-ds-base-1.4.0.2
389-ds-base-1.4.0.20
389-ds-base-1.4.0.3
389-ds-base-1.4.0.4
389-ds-base-1.4.0.5
389-ds-base-1.4.0.6
389-ds-base-1.4.0.7
389-ds-base-1.4.0.8
389-ds-base-1.4.0.9
389-ds-base-1.4.1.0
389-ds-base-1.4.1.1
389-ds-base-1.4.1.2
389-ds-base-1.4.1.3
389-ds-base-1.4.1.4
389-ds-base-1.4.1.5
389-ds-base-1.4.1.6
389-ds-base-1.4.2.1
389-ds-base-1.4.2.2
389-ds-base-1.4.2.3
389-ds-base-1.4.2.4
389-ds-base-1.4.2.5
389-ds-base-1.4.3.1
389-ds-base-1.4.3.2
389-ds-base-1.4.3.3
389-ds-base-1.4.3.4
389-ds-base-1.4.3.5
389-ds-base-1.4.4.0
389-ds-base-1.4.4.1
389-ds-base-1.4.4.2
389-ds-base-1.4.4.3
389-ds-base-1.4.4.4
389-ds-base-1.4.4.5
389-ds-base-1.4.5.0
389-ds-base-2.*
389-ds-base-2.0.0
389-ds-base-2.0.0.0
389-ds-base-2.0.1
389-ds-base-2.0.2
389-ds-base-2.0.3
389-ds-base-2.0.4
389-ds-base-2.0.5
389-ds-base-2.0.7
Other
Directory_Server_8_1_Candidate_20090324
FedoraDirSvr10
FedoraDirSvr110a1
FedoraDirSvr110a2
FedoraDirSvr110a3
FedoraDirSvr110a3_20070320
FedoraDirSvr110a4
FedoraDirSvr110a4_20070720
FedoraDirSvr110b1
FedoraDirSvr110b1_20070813
FedoraDirSvr110b1_20070816
FedoraDirSvr110b2
FedoraDirSvr110b2_20071107
FedoraDirSvr111
FedoraDirSvr111_20080530
FedoraDirSvr_1_1_2
FedoraDirSvr_1_1_2_20080904
FedoraDirSvr_1_1_2_RC
FedoraDirSvr_1_1_2_RC2
FedoraDirSvr_1_1_2_RC_20080828
FedoraDirSvr_1_1_3_20080923
FedoraDirSvr_20051103_RTC
before-merge-nunc-stans
ldapserver7x

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-1062.json"