- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758645818.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1758645818
- Upstream
- Published
- 2026-04-23T20:31:57Z
- Modified
- 2026-05-29T01:37:41.840386959Z
- Summary
- openldap: Fix of 14 CVEs
- Details
- Rebase to 2.4.58 to fix the following vulnerabilities:
  - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions
  - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing
  - CVE-2020-36223: fix slapd crash in the Values Return Filter control handling
  - CVE-2020-36226: fix slapd crash in the saslAuthzTo processing
  - CVE-2020-36228: fix slapd crash in the Certificate List Exact Assertion processing
  - CVE-2020-36225: fix double free and slapd crash in the saslAuthzTo processing
  - CVE-2020-36227: fix infinite loop in slapd with the cancel_extop Cancel operation
  - CVE-2020-36230: fix assertion failure in slapd in the X.509 DN parsing in decode.c
  - CVE-2020-25692: fix NULL pointer dereference during a request for renaming RDNs
  - CVE-2020-25709: fix assertion failure caused by processing malicious packet
  - CVE-2020-36224: fix invalid pointer free and slapd crash in the saslAuthzTo processing
  - CVE-2020-36229: fix slapd crash in the X.509 DN parsing in ad_keystring
  - CVE-2020-25710: fix failed assertion in csnNormalize23()
  - CVE-2020-36222: fix assertion failure in slapd in the saslAuthzTo validation
- References
Affected packages
CLSA-2025-1758645818 - OSV