CVE-2025-61912

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-61912
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-61912.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-61912
Published
2025-10-10T22:04:25Z
Modified
2025-10-20T20:33:37.835201Z
Severity
  • 5.5 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Summary
python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination
Details

python-ldap is a Lightweight Directory Access Protocol (LDAP) client API for Python. In versions prior to 3.4.5, ldap.dn.escape_dn_chars() escapes \x00 incorrectly: it emits a backslash followed by a literal NUL byte instead of the RFC 4514 hex form \00. Any application that uses this helper to construct DNs from untrusted input can be made to consistently fail before a request is sent to the LDAP server (e.g., AD), resulting in a client-side denial of service. Version 3.4.5 contains a patch for the issue.
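
The difference between the two NUL encodings described above, as an added example (not python-ldap's code and not part of the original record): escape_as_described reproduces only the behaviour the summary states, escape_rfc4514 emits the hex form, and build_dn rejects any DN that still carries a raw NUL. All function names and the sample input are assumptions made for illustration.

```python
# Added example; names are hypothetical and this is not python-ldap's code.
_SPECIALS = '\\,+"<>;='  # characters RFC 4514 allows to be backslash-prefixed


def escape_as_described(value: str) -> str:
    """Reproduce the pre-3.4.5 behaviour the advisory describes:
    NUL becomes a backslash followed by a literal NUL byte."""
    return ''.join('\\' + c if c in _SPECIALS or c == '\x00' else c
                   for c in value)


def escape_rfc4514(value: str) -> str:
    """Escape an attribute value for a DN string; NUL becomes the hex form."""
    if not value:
        return value
    out = []
    for c in value:
        if c == '\x00':
            out.append('\\00')        # RFC 4514 hex pair, no raw NUL emitted
        elif c in _SPECIALS:
            out.append('\\' + c)
        else:
            out.append(c)
    if out[0] in ('#', ' '):          # a leading '#' or space must be escaped
        out[0] = '\\' + out[0]
    if out[-1] == ' ':                # a trailing space must be escaped
        out[-1] = '\\ '
    return ''.join(out)


def build_dn(attr: str, value: str, base: str, escape=escape_rfc4514) -> str:
    """Build 'attr=value,base' and refuse any DN that still holds a raw NUL."""
    dn = f'{attr}={escape(value)},{base}'
    if '\x00' in dn:
        raise ValueError('raw NUL byte in DN string: %r' % dn)
    return dn


if __name__ == '__main__':
    untrusted = 'alice\x00,ou=admins'  # constructed sample input
    print(repr(escape_as_described(untrusted)))
    print(repr(build_dn('uid', untrusted, 'dc=example,dc=org')))
```

A guard like the one in build_dn is also usable as a temporary check in front of an unpatched helper until the upgrade to 3.4.5 is deployed.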

Database specific
{
    "cwe_ids": [
        "CWE-116",
        "CWE-170"
    ]
}
Affected packages

Git / github.com/python-ldap/python-ldap

Affected ranges

Type
GIT
Repo
https://github.com/python-ldap/python-ldap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

python-ldap-2.*

python-ldap-2.3.0
python-ldap-2.3.10
python-ldap-2.3.11
python-ldap-2.3.13
python-ldap-2.3.3
python-ldap-2.3.4
python-ldap-2.3.7
python-ldap-2.3.8
python-ldap-2.3.9
python-ldap-2.4.10
python-ldap-2.4.12
python-ldap-2.4.13
python-ldap-2.4.20
python-ldap-2.4.21
python-ldap-2.4.23
python-ldap-2.4.26
python-ldap-2.4.27
python-ldap-2.4.28
python-ldap-2.4.29
python-ldap-2.4.30
python-ldap-2.4.31
python-ldap-2.4.32
python-ldap-2.4.33
python-ldap-2.4.35
python-ldap-2.4.36
python-ldap-2.4.37
python-ldap-2.4.38
python-ldap-2.4.39
python-ldap-2.4.4
python-ldap-2.4.40
python-ldap-2.4.41
python-ldap-2.4.42
python-ldap-2.4.43
python-ldap-2.4.44
python-ldap-2.4.45
python-ldap-2.4.6
python-ldap-2.4.7
python-ldap-2.4.9
python-ldap-2.5.0
python-ldap-2.5.1

python-ldap-3.*

python-ldap-3.0.0
python-ldap-3.0.0b1
python-ldap-3.0.0b2
python-ldap-3.0.0b3
python-ldap-3.0.0b4
python-ldap-3.1.0
python-ldap-3.2.0
python-ldap-3.3.0
python-ldap-3.4.0
python-ldap-3.4.1
python-ldap-3.4.2
python-ldap-3.4.3
python-ldap-3.4.4