VulnerableCode Package Details - pkg:deb/debian/ldb@2:1.1.20-0%2Bdeb8u1

Search for packages

Package details: pkg:deb/debian/ldb@2:1.1.20-0%2Bdeb8u1

Essentials
History (11)

purl	pkg:deb/debian/ldb@2:1.1.20-0%2Bdeb8u1

Next non-vulnerable version	2:2.2.3-2~deb11u2
Latest non-vulnerable version	2:2.2.3-2~deb11u2
Risk	4.0

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-16td-s1zq-jugr Aliases: CVE-2021-20277	A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.	2:1.5.1+really1.4.6-3+deb10u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2:2.2.3-2~deb11u2 Affected by 0 other vulnerabilities.
VCID-as1n-ft13-h3bx Aliases: CVE-2020-10730	A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.	2:1.5.1+really1.4.6-3+deb10u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2:2.2.3-2~deb11u2 Affected by 0 other vulnerabilities.
VCID-ezjm-vawb-y3bq Aliases: CVE-2019-3824	A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.	2:1.1.27-1+deb9u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2:1.5.1+really1.4.6-3+deb10u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hc4j-ezm9-tqe9 Aliases: CVE-2020-27840	A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.	2:1.5.1+really1.4.6-3+deb10u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2:2.2.3-2~deb11u2 Affected by 0 other vulnerabilities.
VCID-hm94-u9pa-kuhg Aliases: CVE-2021-3670	MaxQueryDuration not honoured in Samba AD DC LDAP	2:2.2.3-2~deb11u2 Affected by 0 other vulnerabilities.
VCID-s58b-8v9w-63d1 Aliases: CVE-2015-5330		2:1.1.27-1+deb9u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-sz21-gdhu-ebe7 Aliases: CVE-2015-3223		2:1.1.27-1+deb9u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T19:44:49.672930+00:00	Debian Oval Importer	Affected by	VCID-sz21-gdhu-ebe7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:29:03.588186+00:00	Debian Oval Importer	Affected by	VCID-s58b-8v9w-63d1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:24:34.950243+00:00	Debian Oval Importer	Affected by	VCID-ezjm-vawb-y3bq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:43:19.433891+00:00	Debian Oval Importer	Affected by	VCID-hm94-u9pa-kuhg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:29:29.292344+00:00	Debian Oval Importer	Affected by	VCID-16td-s1zq-jugr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:44:37.902279+00:00	Debian Oval Importer	Affected by	VCID-hc4j-ezm9-tqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:41:33.799973+00:00	Debian Oval Importer	Affected by	VCID-as1n-ft13-h3bx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T11:29:56.643896+00:00	Debian Oval Importer	Affected by	VCID-hc4j-ezm9-tqe9	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T11:26:40.620834+00:00	Debian Oval Importer	Affected by	VCID-16td-s1zq-jugr	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T11:22:48.059647+00:00	Debian Oval Importer	Affected by	VCID-as1n-ft13-h3bx	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T10:52:33.781487+00:00	Debian Oval Importer	Affected by	VCID-ezjm-vawb-y3bq	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0