Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1049340?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1049340?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.3.5-4", "type": "deb", "namespace": "debian", "name": "389-ds-base", "version": "1.3.3.5-4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "3.1.2+vendor1-2", "latest_non_vulnerable_version": "3.1.2+vendor1-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83716?format=api", "vulnerability_id": "VCID-1cnv-xra9-d7fw", "summary": "389-ds-base: Remote DoS via search filters in slapi_filter_sprintf in slapd/util.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15134.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15134.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90361", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90364", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90376", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.9038", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90394", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90401", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90408", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90417", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90415", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05689", "scoring_system": "epss", "scoring_elements": "0.90429", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15134" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531573", "reference_id": "1531573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531573" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888452", "reference_id": "888452", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0163", "reference_id": "RHSA-2018:0163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0163" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2017-15134" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1cnv-xra9-d7fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83486?format=api", "vulnerability_id": "VCID-1emx-jre5-v7dm", "summary": "389-ds-base: ns-slapd crash via large filter value in ldapsearch", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1089.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1089.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1089", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94428", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94488", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94485", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94489", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94436", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94447", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94448", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94458", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94465", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94467", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14569", "scoring_system": "epss", "scoring_elements": "0.94481", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1089" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1089" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1089" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html" }, { "reference_url": "http://www.securityfocus.com/bid/104137", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104137" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559802", "reference_id": "1559802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559802" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898138", "reference_id": "898138", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898138" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1089", "reference_id": "CVE-2018-1089", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1364", "reference_id": "RHSA-2018:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1380", "reference_id": "RHSA-2018:1380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1380" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-1089" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1emx-jre5-v7dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85372?format=api", "vulnerability_id": "VCID-34te-4xhe-17h2", "summary": "389-ds-base: worker threads do not detect abnormally closed connections causing DoS", "references": [ { "reference_url": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0204.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0204.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0741.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88489", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88484", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.8841", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88418", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88427", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.8843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88449", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88455", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88465", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88458", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88457", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88471", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88468", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0402", "scoring_system": "epss", "scoring_elements": "0.88466", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0741" }, { "reference_url": "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/" }, { "reference_url": "https://fedorahosted.org/389/ticket/48412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://fedorahosted.org/389/ticket/48412" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/82343", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82343" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299416", "reference_id": "1299416", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299416" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0741", "reference_id": "CVE-2016-0741", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0204", "reference_id": "RHSA-2016:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0204" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049341?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.5.17-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cnv-xra9-d7fw" }, { "vulnerability": "VCID-1emx-jre5-v7dm" }, { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-7teh-3vk4-a7du" }, { "vulnerability": "VCID-f3t3-vxrz-8uew" }, { "vulnerability": "VCID-gmg8-mepq-87ez" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-hvag-zpvk-vqbw" }, { "vulnerability": "VCID-jge6-uqra-yba1" }, { "vulnerability": "VCID-kkeh-mm7b-quc4" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-s9es-be9s-t3h3" }, { "vulnerability": "VCID-vu7g-kqpe-83hq" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-yaw8-dzr7-hyha" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2" } ], "aliases": [ "CVE-2016-0741" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34te-4xhe-17h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82979?format=api", "vulnerability_id": "VCID-3paj-fqdp-yyg3", "summary": "389-ds-base: using dscreate in verbose mode results in information disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16239", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16365", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16304", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16242", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16263", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16299", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16189", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1642", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16483", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16407", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16368", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18993", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10224" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10224" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html" }, { "reference_url": "https://pagure.io/389-ds-base/issue/50251", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/issue/50251" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677147", "reference_id": "1677147", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677147" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10224", "reference_id": "CVE-2019-10224", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3401", "reference_id": "RHSA-2019:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3401" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583111?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.4.11-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-63rm-mq1r-5fbz" }, { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2" } ], "aliases": [ "CVE-2019-10224" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3paj-fqdp-yyg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75506?format=api", "vulnerability_id": "VCID-4tdy-umt6-4ubr", "summary": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2199.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2199.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2199", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.2543", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25485", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25439", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27125", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27161", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26953", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27021", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27067", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27025", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26969", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26978", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26952", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2199" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072531", "reference_id": "1072531", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072531" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976", "reference_id": "2267976", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8", "reference_id": "cpe:/a:redhat:directory_server:11.8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8", "reference_id": "cpe:/a:redhat:directory_server:11.9::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9", "reference_id": "cpe:/a:redhat:directory_server:12.4::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8", "reference_id": "cpe:/a:redhat:directory_server_e4s:11.5::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-2199", "reference_id": "CVE-2024-2199", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-2199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3591", "reference_id": "RHSA-2024:3591", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3837", "reference_id": "RHSA-2024:3837", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4092", "reference_id": "RHSA-2024:4092", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4209", "reference_id": "RHSA-2024:4209", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4210", "reference_id": "RHSA-2024:4210", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4235", "reference_id": "RHSA-2024:4235", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4633", "reference_id": "RHSA-2024:4633", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5690", "reference_id": "RHSA-2024:5690", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:5690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1632", "reference_id": "RHSA-2025:1632", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:1632" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-2199" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4tdy-umt6-4ubr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80468?format=api", "vulnerability_id": "VCID-4tn2-her5-6fe1", "summary": "389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3514.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3514.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3514", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56984", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56948", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56977", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56974", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56951", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56932", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.5693", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56981", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56991", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56972", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57639", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.5762", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3514" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952907", "reference_id": "1952907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952907" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988727", "reference_id": "988727", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988727" }, { "reference_url": "https://security.archlinux.org/ASA-202107-72", "reference_id": "ASA-202107-72", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-72" }, { "reference_url": "https://security.archlinux.org/AVG-2206", "reference_id": "AVG-2206", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2595", "reference_id": "RHSA-2021:2595", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2595" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2796", "reference_id": "RHSA-2021:2796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3955", "reference_id": "RHSA-2021:3955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0952", "reference_id": "RHSA-2022:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0952" }, { "reference_url": "https://usn.ubuntu.com/USN-5231-1/", "reference_id": "USN-USN-5231-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5231-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583111?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.4.11-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-63rm-mq1r-5fbz" }, { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2" } ], "aliases": [ "CVE-2021-3514" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4tn2-her5-6fe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79580?format=api", "vulnerability_id": "VCID-77rw-db6h-hya9", "summary": "389-ds-base: sending crafted message could result in DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92295", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92302", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92308", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92311", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92322", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92327", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92334", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08412", "scoring_system": "epss", "scoring_elements": "0.92333", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08793", "scoring_system": "epss", "scoring_elements": "0.92539", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.08793", "scoring_system": "epss", "scoring_elements": "0.92537", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08793", "scoring_system": "epss", "scoring_elements": "0.92538", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0946", "scoring_system": "epss", "scoring_elements": "0.92824", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0918" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016445", "reference_id": "1016445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055815", "reference_id": "2055815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2210", "reference_id": "RHSA-2022:2210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5239", "reference_id": "RHSA-2022:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5620", "reference_id": "RHSA-2022:5620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5823", "reference_id": "RHSA-2022:5823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8162", "reference_id": "RHSA-2022:8162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8976", "reference_id": "RHSA-2022:8976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8976" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2022-0918" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77rw-db6h-hya9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83183?format=api", "vulnerability_id": "VCID-7teh-3vk4-a7du", "summary": "389-ds-base: Server crash through modify command with large DN", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.80922", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.80931", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.80954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.80951", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.80978", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.80986", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.81002", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.80988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.8098", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.81017", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.81019", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.81018", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.81041", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01478", "scoring_system": "epss", "scoring_elements": "0.81049", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619450", "reference_id": "1619450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907778", "reference_id": "907778", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2757", "reference_id": "RHSA-2018:2757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2757" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-14624" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7teh-3vk4-a7du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84816?format=api", "vulnerability_id": "VCID-ewv4-4dk9-8bew", "summary": "389-ds-base: Password verification vulnerable to timing attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5405.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69188", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69203", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69224", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69207", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69257", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69297", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69282", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69253", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69292", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69301", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69281", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69332", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69339", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5405" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358865", "reference_id": "1358865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358865" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842121", "reference_id": "842121", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2594", "reference_id": "RHSA-2016:2594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2765", "reference_id": "RHSA-2016:2765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2765" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049341?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.5.17-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cnv-xra9-d7fw" }, { "vulnerability": "VCID-1emx-jre5-v7dm" }, { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-7teh-3vk4-a7du" }, { "vulnerability": "VCID-f3t3-vxrz-8uew" }, { "vulnerability": "VCID-gmg8-mepq-87ez" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-hvag-zpvk-vqbw" }, { "vulnerability": "VCID-jge6-uqra-yba1" }, { "vulnerability": "VCID-kkeh-mm7b-quc4" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-s9es-be9s-t3h3" }, { "vulnerability": "VCID-vu7g-kqpe-83hq" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-yaw8-dzr7-hyha" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2" } ], "aliases": [ "CVE-2016-5405" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewv4-4dk9-8bew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83184?format=api", "vulnerability_id": "VCID-f3t3-vxrz-8uew", "summary": "389-ds-base: Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14638.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14638.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75028", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.7503", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.7506", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75036", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.7507", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75082", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75104", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80466", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80399", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80428", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.8043", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80433", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80459", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14638" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626079", "reference_id": "1626079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626079" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908859", "reference_id": "908859", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2757", "reference_id": "RHSA-2018:2757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2757" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-14638" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3t3-vxrz-8uew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83125?format=api", "vulnerability_id": "VCID-gmg8-mepq-87ez", "summary": "389-ds-base: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14648.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14648.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14648", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88756", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88765", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88781", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88783", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88799", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88817", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04251", "scoring_system": "epss", "scoring_elements": "0.88811", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07503", "scoring_system": "epss", "scoring_elements": "0.91818", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.07503", "scoring_system": "epss", "scoring_elements": "0.918", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07503", "scoring_system": "epss", "scoring_elements": "0.91819", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.07503", "scoring_system": "epss", "scoring_elements": "0.91812", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14648" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14648", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14648" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1630668", "reference_id": "1630668", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1630668" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3127", "reference_id": "RHSA-2018:3127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3507", "reference_id": "RHSA-2018:3507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3507" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-14648" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gmg8-mepq-87ez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85630?format=api", "vulnerability_id": "VCID-gmpt-rg5q-n3dk", "summary": "389-ds-base: nsSSL3Ciphers preference not enforced server side (regression)", "references": [ { "reference_url": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-12.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-12.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168985.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168985.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3230.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3230.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69719", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69561", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69574", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69589", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69568", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69669", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69678", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69659", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69711", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3230" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3230" }, { "reference_url": "https://fedorahosted.org/389/ticket/48194", "reference_id": "", "reference_type": "", "scores": [], "url": "https://fedorahosted.org/389/ticket/48194" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232096", "reference_id": "1232096", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232096" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789202", "reference_id": "789202", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789202" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3230", "reference_id": "CVE-2015-3230", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3230" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049341?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.5.17-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cnv-xra9-d7fw" }, { "vulnerability": "VCID-1emx-jre5-v7dm" }, { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-7teh-3vk4-a7du" }, { "vulnerability": "VCID-f3t3-vxrz-8uew" }, { "vulnerability": "VCID-gmg8-mepq-87ez" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-hvag-zpvk-vqbw" }, { "vulnerability": "VCID-jge6-uqra-yba1" }, { "vulnerability": "VCID-kkeh-mm7b-quc4" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-s9es-be9s-t3h3" }, { "vulnerability": "VCID-vu7g-kqpe-83hq" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-yaw8-dzr7-hyha" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2" } ], "aliases": [ "CVE-2015-3230" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gmpt-rg5q-n3dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79721?format=api", "vulnerability_id": "VCID-hjvf-3mm8-xfhq", "summary": "389-ds-base: double free of the virtual attribute context in persistent search", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4091.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4091.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56833", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56903", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.569", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56877", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56816", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56853", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56905", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56917", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56896", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56874", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56908", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56813", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4091" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030307", "reference_id": "2030307", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0628", "reference_id": "RHSA-2022:0628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0889", "reference_id": "RHSA-2022:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0952", "reference_id": "RHSA-2022:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1410", "reference_id": "RHSA-2022:1410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1410" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2021-4091" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hjvf-3mm8-xfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83255?format=api", "vulnerability_id": "VCID-hvag-zpvk-vqbw", "summary": "389-ds-base: ldapsearch with server side sort allows users to cause a crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62829", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62887", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62917", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62881", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62932", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62966", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62954", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62973", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.6298", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62959", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62994", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10935" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1613606", "reference_id": "1613606", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1613606" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906985", "reference_id": "906985", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906985" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2757", "reference_id": "RHSA-2018:2757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2757" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-10935" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hvag-zpvk-vqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84087?format=api", "vulnerability_id": "VCID-jge6-uqra-yba1", "summary": "389-ds-base: Password brute-force possible for locked account due to different return codes", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49698", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49727", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49699", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49689", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61915", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61953", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61921", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61964", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61791", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61895", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61866", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7551" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477669", "reference_id": "1477669", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477669" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870752", "reference_id": "870752", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2569", "reference_id": "RHSA-2017:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2569" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2017-7551" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jge6-uqra-yba1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83626?format=api", "vulnerability_id": "VCID-kkeh-mm7b-quc4", "summary": "389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1054.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1054.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1054", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94456", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94463", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.9447", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94472", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94482", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94489", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94491", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.9449", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94504", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94509", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94513", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94514", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.14722", "scoring_system": "epss", "scoring_elements": "0.94512", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537314", "reference_id": "1537314", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537314" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892124", "reference_id": "892124", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0414", "reference_id": "RHSA-2018:0414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0515", "reference_id": "RHSA-2018:0515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0515" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-1054" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkeh-mm7b-quc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80201?format=api", "vulnerability_id": "VCID-knxk-357y-efhh", "summary": "389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3652.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3652.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3652", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29771", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30007", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30022", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30002", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29958", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29885", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29999", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30059", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30095", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30099", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30056", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.3368", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33528", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3652" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3652" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982782", "reference_id": "1982782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982782" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991405", "reference_id": "991405", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991405" }, { "reference_url": "https://security.archlinux.org/ASA-202107-72", "reference_id": "ASA-202107-72", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-72" }, { "reference_url": "https://security.archlinux.org/AVG-2206", "reference_id": "AVG-2206", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3079", "reference_id": "RHSA-2021:3079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3807", "reference_id": "RHSA-2021:3807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3906", "reference_id": "RHSA-2021:3906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3955", "reference_id": "RHSA-2021:3955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3955" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2021-3652" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-knxk-357y-efhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84901?format=api", "vulnerability_id": "VCID-n9jd-zew1-77d7", "summary": "389-ds-base: Heap buffer overflow in uiduniq.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2591.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2591.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86094", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86042", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86057", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86054", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.8605", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86072", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86064", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86084", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06828", "scoring_system": "epss", "scoring_elements": "0.91293", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06828", "scoring_system": "epss", "scoring_elements": "0.91297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06828", "scoring_system": "epss", "scoring_elements": "0.91308", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06828", "scoring_system": "epss", "scoring_elements": "0.91315", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06828", "scoring_system": "epss", "scoring_elements": "0.91327", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2591" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2591" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://pagure.io/389-ds-base/issue/48986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/issue/48986" }, { "reference_url": "http://www.securityfocus.com/bid/95670", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1381481", "reference_id": "1381481", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1381481" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851769", "reference_id": "851769", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851769" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2591", "reference_id": "CVE-2017-2591", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049341?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.5.17-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cnv-xra9-d7fw" }, { "vulnerability": "VCID-1emx-jre5-v7dm" }, { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-7teh-3vk4-a7du" }, { "vulnerability": "VCID-f3t3-vxrz-8uew" }, { "vulnerability": "VCID-gmg8-mepq-87ez" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-hvag-zpvk-vqbw" }, { "vulnerability": "VCID-jge6-uqra-yba1" }, { "vulnerability": "VCID-kkeh-mm7b-quc4" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-s9es-be9s-t3h3" }, { "vulnerability": "VCID-vu7g-kqpe-83hq" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-yaw8-dzr7-hyha" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2" } ], "aliases": [ "CVE-2017-2591" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9jd-zew1-77d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80736?format=api", "vulnerability_id": "VCID-pexr-smr8-gbhh", "summary": "389-ds-base: information disclosure during the binding of a DN", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74018", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74149", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74114", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.7414", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74024", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.7405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74021", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.7407", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74091", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74073", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74105", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35518" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905565", "reference_id": "1905565", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905565" }, { "reference_url": "https://security.archlinux.org/AVG-1482", "reference_id": "AVG-1482", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0599", "reference_id": "RHSA-2021:0599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1086", "reference_id": "RHSA-2021:1086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1243", "reference_id": "RHSA-2021:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1258", "reference_id": "RHSA-2021:1258", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2323", "reference_id": "RHSA-2021:2323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2323" }, { "reference_url": "https://usn.ubuntu.com/USN-5231-1/", "reference_id": "USN-USN-5231-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5231-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583111?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.4.11-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-63rm-mq1r-5fbz" }, { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2" } ], "aliases": [ "CVE-2020-35518" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pexr-smr8-gbhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74023?format=api", "vulnerability_id": "VCID-qkca-awn5-hfas", "summary": "389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8445.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8445.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8445", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22719", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22891", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22725", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24466", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.245", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24284", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24351", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24395", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2437", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24331", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2432", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8445" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082852", "reference_id": "1082852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082852" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110", "reference_id": "2310110", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T19:58:06Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11", "reference_id": "cpe:/a:redhat:directory_server:11", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12", "reference_id": "cpe:/a:redhat:directory_server:12", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-8445", "reference_id": "CVE-2024-8445", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T19:58:06Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-8445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7434", "reference_id": "RHSA-2024:7434", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T19:58:06Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:7434" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-8445" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkca-awn5-hfas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75507?format=api", "vulnerability_id": "VCID-qv4g-5kzs-9kfa", "summary": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3657.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3657.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.68004", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.6797", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67951", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67996", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67882", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.679", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.6788", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.6793", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67944", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67968", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67955", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67919", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67956", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3657" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3657" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401", "reference_id": "2274401", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8", "reference_id": "cpe:/a:redhat:directory_server:11.7::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8", "reference_id": "cpe:/a:redhat:directory_server:11.8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8", "reference_id": "cpe:/a:redhat:directory_server:11.9::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9", "reference_id": "cpe:/a:redhat:directory_server:12.4::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8", "reference_id": "cpe:/a:redhat:directory_server_e4s:11.5::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9", "reference_id": "cpe:/a:redhat:directory_server_eus:12.2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-3657", "reference_id": "CVE-2024-3657", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-3657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3591", "reference_id": "RHSA-2024:3591", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3837", "reference_id": "RHSA-2024:3837", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4092", "reference_id": "RHSA-2024:4092", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4209", "reference_id": "RHSA-2024:4209", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4210", "reference_id": "RHSA-2024:4210", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4235", "reference_id": "RHSA-2024:4235", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4633", "reference_id": "RHSA-2024:4633", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5690", "reference_id": "RHSA-2024:5690", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:5690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6576", "reference_id": "RHSA-2024:6576", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7458", "reference_id": "RHSA-2024:7458", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:7458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1632", "reference_id": "RHSA-2025:1632", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:1632" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-3657" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qv4g-5kzs-9kfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75349?format=api", "vulnerability_id": "VCID-rffx-mwhe-tqe5", "summary": "389-ds-base: Malformed userPassword hash may cause Denial of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5953.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5953.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21232", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21414", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21382", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21234", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21542", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21601", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21434", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21495", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21407", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5953" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292104", "reference_id": "2292104", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292104" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8", "reference_id": "cpe:/a:redhat:directory_server:11.7::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8", "reference_id": "cpe:/a:redhat:directory_server:11.9::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9", "reference_id": "cpe:/a:redhat:directory_server:12.4::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8", "reference_id": "cpe:/a:redhat:directory_server_e4s:11.5::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9", "reference_id": "cpe:/a:redhat:directory_server_eus:12.2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-5953", "reference_id": "CVE-2024-5953", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-5953" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4633", "reference_id": "RHSA-2024:4633", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4997", "reference_id": "RHSA-2024:4997", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5192", "reference_id": "RHSA-2024:5192", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:5192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5690", "reference_id": "RHSA-2024:5690", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:5690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6153", "reference_id": "RHSA-2024:6153", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6568", "reference_id": "RHSA-2024:6568", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6569", "reference_id": "RHSA-2024:6569", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6576", "reference_id": "RHSA-2024:6576", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7458", "reference_id": "RHSA-2024:7458", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:7458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1632", "reference_id": "RHSA-2025:1632", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:1632" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-5953" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rffx-mwhe-tqe5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83405?format=api", "vulnerability_id": "VCID-s9es-be9s-t3h3", "summary": "389-ds-base: race condition on reference counter leads to DoS using persistent search", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10850.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10850.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81455", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81388", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81424", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81425", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81426", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81447", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83837", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83868", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83885", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83809", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83822", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02052", "scoring_system": "epss", "scoring_elements": "0.83839", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10850" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10850" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html" }, { "reference_url": "https://pagure.io/389-ds-base/c/8f04487f99a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/c/8f04487f99a" }, { "reference_url": "https://pagure.io/389-ds-base/issue/49768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/issue/49768" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588056", "reference_id": "1588056", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588056" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903501", "reference_id": "903501", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903501" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10850", "reference_id": "CVE-2018-10850", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2757", "reference_id": "RHSA-2018:2757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2757" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-10850" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9es-be9s-t3h3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83715?format=api", "vulnerability_id": "VCID-vu7g-kqpe-83hq", "summary": "389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15135.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15135.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48641", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48661", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48715", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48711", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48729", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48759", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48755", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48713", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48697", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48706", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15135" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525628", "reference_id": "1525628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888451", "reference_id": "888451", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0414", "reference_id": "RHSA-2018:0414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0515", "reference_id": "RHSA-2018:0515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0515" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2017-15135" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vu7g-kqpe-83hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79162?format=api", "vulnerability_id": "VCID-vx15-pahy-ufbn", "summary": "389-ds-base: SIGSEGV in sync_repl", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2850.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2850.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56579", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56653", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56652", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56625", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56561", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56624", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56659", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56668", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56643", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2850" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018054", "reference_id": "1018054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118691", "reference_id": "2118691", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:06:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118691" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-2850", "reference_id": "CVE-2022-2850", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:06:25Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-2850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7087", "reference_id": "RHSA-2022:7087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7133", "reference_id": "RHSA-2022:7133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8162", "reference_id": "RHSA-2022:8162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8680", "reference_id": "RHSA-2022:8680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8886", "reference_id": "RHSA-2022:8886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8976", "reference_id": "RHSA-2022:8976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0479", "reference_id": "RHSA-2023:0479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0479" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2022-2850" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vx15-pahy-ufbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82646?format=api", "vulnerability_id": "VCID-wcyy-45hw-2fc6", "summary": "389-ds-base: DoS via hanging secured connections", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3883.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3883.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73773", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.73964", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74052", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74061", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74053", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74086", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.73971", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.73997", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.73968", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74002", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74016", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74038", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.7402", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00798", "scoring_system": "epss", "scoring_elements": "0.74013", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3883" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3883" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html" }, { "reference_url": "https://pagure.io/389-ds-base/issue/50329", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/issue/50329" }, { "reference_url": "https://pagure.io/389-ds-base/pull-request/50331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/pull-request/50331" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693612", "reference_id": "1693612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693612" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927939", "reference_id": "927939", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927939" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3883", "reference_id": "CVE-2019-3883", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1896", "reference_id": "RHSA-2019:1896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3401", "reference_id": "RHSA-2019:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3401" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583111?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.4.11-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-63rm-mq1r-5fbz" }, { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2" } ], "aliases": [ "CVE-2019-3883" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wcyy-45hw-2fc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84466?format=api", "vulnerability_id": "VCID-wk61-n55m-j3fg", "summary": "389-ds-base: Remote crash via crafted LDAP messages", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2668.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2668.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91819", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91878", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91876", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91874", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.9188", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91828", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91842", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91855", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.9186", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07615", "scoring_system": "epss", "scoring_elements": "0.91879", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2668" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2668" }, { "reference_url": "https://pagure.io/389-ds-base/issue/49220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/issue/49220" }, { "reference_url": "http://www.securityfocus.com/bid/97524", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97524" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436575", "reference_id": "1436575", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436575" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860125", "reference_id": "860125", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860125" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2668", "reference_id": "CVE-2017-2668", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2668" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0893", "reference_id": "RHSA-2017:0893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0920", "reference_id": "RHSA-2017:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0920" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049341?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.5.17-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cnv-xra9-d7fw" }, { "vulnerability": "VCID-1emx-jre5-v7dm" }, { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-7teh-3vk4-a7du" }, { "vulnerability": "VCID-f3t3-vxrz-8uew" }, { "vulnerability": "VCID-gmg8-mepq-87ez" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-hvag-zpvk-vqbw" }, { "vulnerability": "VCID-jge6-uqra-yba1" }, { "vulnerability": "VCID-kkeh-mm7b-quc4" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-s9es-be9s-t3h3" }, { "vulnerability": "VCID-vu7g-kqpe-83hq" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-yaw8-dzr7-hyha" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2" } ], "aliases": [ "CVE-2017-2668" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wk61-n55m-j3fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85058?format=api", "vulnerability_id": "VCID-wqg4-uer5-u3fd", "summary": "389-ds-base: Information disclosure via repeated use of LDAP ADD operation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4992.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4992.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4992", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63293", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63353", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.6338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63346", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63398", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63415", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63433", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63416", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63423", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63401", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63419", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63431", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4992" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347760", "reference_id": "1347760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347760" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2594", "reference_id": "RHSA-2016:2594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2765", "reference_id": "RHSA-2016:2765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2765" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049341?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.5.17-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cnv-xra9-d7fw" }, { "vulnerability": "VCID-1emx-jre5-v7dm" }, { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-7teh-3vk4-a7du" }, { "vulnerability": "VCID-f3t3-vxrz-8uew" }, { "vulnerability": "VCID-gmg8-mepq-87ez" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-hvag-zpvk-vqbw" }, { "vulnerability": "VCID-jge6-uqra-yba1" }, { "vulnerability": "VCID-kkeh-mm7b-quc4" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-s9es-be9s-t3h3" }, { "vulnerability": "VCID-vu7g-kqpe-83hq" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-yaw8-dzr7-hyha" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2" } ], "aliases": [ "CVE-2016-4992" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqg4-uer5-u3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79569?format=api", "vulnerability_id": "VCID-x8k9-na1n-8fgj", "summary": "389-ds-base: expired password was still allowed to access the database", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0996.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0996.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34604", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34819", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34846", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34722", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34798", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.3476", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34735", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34769", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34754", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.3869", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38535", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40657", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0996" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064769", "reference_id": "2064769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5239", "reference_id": "RHSA-2022:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5620", "reference_id": "RHSA-2022:5620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5823", "reference_id": "RHSA-2022:5823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8162", "reference_id": "RHSA-2022:8162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8976", "reference_id": "RHSA-2022:8976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8976" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583112?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1" } ], "aliases": [ "CVE-2022-0996" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8k9-na1n-8fgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85692?format=api", "vulnerability_id": "VCID-xq1g-upbu-x7dp", "summary": "389-ds-base: access control bypass with modrdn", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157069.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157069.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1854.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1854.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81974", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81963", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81849", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81871", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81867", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.819", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.8192", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81903", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81938", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.81939", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.8194", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1854" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html" }, { "reference_url": "http://www.securityfocus.com/bid/74392", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/74392" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209573", "reference_id": "1209573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209573" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783923", "reference_id": "783923", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783923" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1854", "reference_id": "CVE-2015-1854", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0895", "reference_id": "RHSA-2015:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0895" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049341?format=api", "purl": "pkg:deb/debian/389-ds-base@1.3.5.17-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cnv-xra9-d7fw" }, { "vulnerability": "VCID-1emx-jre5-v7dm" }, { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-7teh-3vk4-a7du" }, { "vulnerability": "VCID-f3t3-vxrz-8uew" }, { "vulnerability": "VCID-gmg8-mepq-87ez" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-hvag-zpvk-vqbw" }, { "vulnerability": "VCID-jge6-uqra-yba1" }, { "vulnerability": "VCID-kkeh-mm7b-quc4" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-s9es-be9s-t3h3" }, { "vulnerability": "VCID-vu7g-kqpe-83hq" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-yaw8-dzr7-hyha" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2" } ], "aliases": [ "CVE-2015-1854" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xq1g-upbu-x7dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83387?format=api", "vulnerability_id": "VCID-yaw8-dzr7-hyha", "summary": "389-ds-base: replication and the Retro Changelog plugin store plaintext password by default", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10871.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10871.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57882", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57979", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58024", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58022", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57963", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57966", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57985", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57961", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58016", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58019", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58035", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58014", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57993", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10871" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10871" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00032.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00032.html" }, { "reference_url": "https://pagure.io/389-ds-base/issue/49789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://pagure.io/389-ds-base/issue/49789" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591480", "reference_id": "1591480", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591480" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10871", "reference_id": "CVE-2018-10871", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3401", "reference_id": "RHSA-2019:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3401" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049342?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.0.21-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3paj-fqdp-yyg3" }, { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-4tn2-her5-6fe1" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pexr-smr8-gbhh" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-wcyy-45hw-2fc6" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-z7kp-3dwk-wkgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.0.21-1" } ], "aliases": [ "CVE-2018-10871" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yaw8-dzr7-hyha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81881?format=api", "vulnerability_id": "VCID-z7kp-3dwk-wkgr", "summary": "389-ds-base: Read permission check bypass via the deref plugin", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41245", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41345", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41328", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41371", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41269", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41157", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41338", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41294", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41353", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41373", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41342", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61796", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14824" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14824" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00036.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00036.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1747448", "reference_id": "1747448", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1747448" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944150", "reference_id": "944150", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944150" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fedoraproject:389_directory_server:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14824", "reference_id": "CVE-2019-14824", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3401", "reference_id": "RHSA-2019:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3981", "reference_id": "RHSA-2019:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0464", "reference_id": "RHSA-2020:0464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0464" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583111?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.4.11-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tdy-umt6-4ubr" }, { "vulnerability": "VCID-63rm-mq1r-5fbz" }, { "vulnerability": "VCID-6f2q-qatg-kucr" }, { "vulnerability": "VCID-77rw-db6h-hya9" }, { "vulnerability": "VCID-bpw5-xeju-93f3" }, { "vulnerability": "VCID-hjvf-3mm8-xfhq" }, { "vulnerability": "VCID-kbvd-dfmn-buat" }, { "vulnerability": "VCID-knxk-357y-efhh" }, { "vulnerability": "VCID-pqe1-ewjj-uqbn" }, { "vulnerability": "VCID-qkca-awn5-hfas" }, { "vulnerability": "VCID-qv4g-5kzs-9kfa" }, { "vulnerability": "VCID-rffx-mwhe-tqe5" }, { "vulnerability": "VCID-vx15-pahy-ufbn" }, { "vulnerability": "VCID-x8k9-na1n-8fgj" }, { "vulnerability": "VCID-xs3r-chc9-27dr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2" } ], "aliases": [ "CVE-2019-14824" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7kp-3dwk-wkgr" } ], "fixing_vulnerabilities": [], "risk_score": "3.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.3.5-4" }