389 directory server
This hub aggregates every CVE we track for 389 directory server, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 63
- Critical: 1
- High: 19
- In CISA KEV: 0
Severity distribution
- MEDIUM: 35
- HIGH: 19
- LOW: 8
- CRITICAL: 1
Monthly trend
[Chart: monthly CVE counts, 2024-07 to 2026-06]
Latest CVEs
The 15 most recently published vulnerabilities affecting 389 directory server.
- CVE-2026-11793: 389-ds-base: stack buffer overflow in checkprefix() algorithm id parsing (score 4.9)
- CVE-2026-11790: 389-ds-base: pbkdf2 password storage plugin unbounded iteration count denial of service (score 4.9)
- CVE-2026-11789: 389-ds-base: smd5 password storage plugin salt length integer underflow crash (score 4.9)
- CVE-2026-11787: 389-ds-base: heap buffer over-read in ldap_utf8prev() via str2simple filter parsing (score 5.0)
- CVE-2026-11788: 389-ds-base: null pointer dereference in deref control plugin ber parser (score 5.9)
- CVE-2026-11786: 389-ds-base: heap out-of-bounds read in ldif parser str2entry_state_information_from_type() (score 1.9)
- CVE-2026-11785: 389-ds-base: partial stack address information leak via ber_printf type confusion in sso token handler (score 4.3)
- CVE-2026-11611: 389-ds-base: content sync plugin unbounded queue growth and race conditions (score 6.5)
- CVE-2026-9064: 389-ds-base: unbounded ldap controls count in get_ldapmessage_controls_ext() causes cpu and heap amplification (remote dos) (score 7.5)
- CVE-2024-6237: 389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request (score 6.5)
- CVE-2024-3657: 389-ds-base: potential denial of service via specially crafted kerberos as-req request (score 7.5)
- CVE-2024-2199: 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c (score 5.7)
- CVE-2024-1062: 389-ds-base: a heap overflow leading to denial-of-service while writing a value larger than 256 chars (in log_entry_attr) (score 5.5)
- CVE-2023-1055: A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information ... (score 5.5)
- CVE-2022-2850: A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an ... (score 6.5)
Product normalization is registry-driven with AI assist and human review.