JLSEC-2026-160

See a problem?
Please try reporting it to the source first.

Source

https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-160.md

Import Source

https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-160.json

JSON Data

https://api.test.osv.dev/v1/vulns/JLSEC-2026-160

Upstream

CVE-2020-25692

Published

2026-04-21T00:04:14.628Z

Modified

2026-04-21T00:16:38.692945Z

Summary

[none]

Details

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.

Database specific

{
    "license": "CC-BY-4.0",
    "sources": [
        {
            "imported": "2026-04-20T22:59:56.271Z",
            "modified": "2024-11-21T05:18:29.210Z",
            "published": "2020-12-08T01:15:12.133Z",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25692",
            "database_specific": {
                "status": "Modified"
            },
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25692",
            "id": "CVE-2020-25692"
        }
    ]
}

References

Affected packages

Julia / OpenLDAPClient_jll

Package

Name: OpenLDAPClient_jll
Purl: pkg:julia/OpenLDAPClient_jll?uuid=234f2d50-f964-585e-b1c8-17cd4567e563

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.14+0

Database specific

source

"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-160.json"