CVE-2025-61912
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-61912
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-61912.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-61912
- Aliases
- Downstream
- Related
- Published
- 2025-10-10T22:04:25.028Z
- Modified
- 2025-12-02T20:16:30.439819Z
- Severity
-
- 5.5 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
- Summary
- python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination
- Details
-
python-ldap is a lightweight directory access protocol (LDAP) client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars() escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to construct DNs from untrusted input can be made to consistently fail before a request is sent to the LDAP server (e.g., AD), resulting in a client-side denial of service. Version 3.4.5 contains a patch for the issue.
- Database specific
{ "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-116", "CWE-170" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/61xxx/CVE-2025-61912.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/61xxx/CVE-2025-61912.json
- https://github.com/python-ldap/python-ldap/commit/6ea80326a34ee6093219628d7690bced50c49a3f
- https://github.com/python-ldap/python-ldap/releases/tag/python-ldap-3.4.5
- https://github.com/python-ldap/python-ldap/security/advisories/GHSA-p34h-wq7j-h5v6
- https://nvd.nist.gov/vuln/detail/CVE-2025-61912
Affected packages
Git / github.com/python-ldap/python-ldap
Affected ranges
- Type
- GIT
- Repo
- https://github.com/python-ldap/python-ldap
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
python-ldap-2.*
python-ldap-2.3.0
python-ldap-2.3.10
python-ldap-2.3.11
python-ldap-2.3.13
python-ldap-2.3.3
python-ldap-2.3.4
python-ldap-2.3.7
python-ldap-2.3.8
python-ldap-2.3.9
python-ldap-2.4.10
python-ldap-2.4.12
python-ldap-2.4.13
python-ldap-2.4.20
python-ldap-2.4.21
python-ldap-2.4.23
python-ldap-2.4.26
python-ldap-2.4.27
python-ldap-2.4.28
python-ldap-2.4.29
python-ldap-2.4.30
python-ldap-2.4.31
python-ldap-2.4.32
python-ldap-2.4.33
python-ldap-2.4.35
python-ldap-2.4.36
python-ldap-2.4.37
python-ldap-2.4.38
python-ldap-2.4.39
python-ldap-2.4.4
python-ldap-2.4.40
python-ldap-2.4.41
python-ldap-2.4.42
python-ldap-2.4.43
python-ldap-2.4.44
python-ldap-2.4.45
python-ldap-2.4.6
python-ldap-2.4.7
python-ldap-2.4.9
python-ldap-2.5.0
python-ldap-2.5.1
python-ldap-3.*
python-ldap-3.0.0
python-ldap-3.0.0b1
python-ldap-3.0.0b2
python-ldap-3.0.0b3
python-ldap-3.0.0b4
python-ldap-3.1.0
python-ldap-3.2.0
python-ldap-3.3.0
python-ldap-3.4.0
python-ldap-3.4.1
python-ldap-3.4.2
python-ldap-3.4.3
python-ldap-3.4.4