Red Hat Directory Server Eus


By the Year

In 2026 there has been 1 vulnerability in Red Hat Directory Server Eus, with an average score of 7.2 out of ten. Last year, in 2025, Directory Server Eus had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Directory Server Eus in 2026 could surpass last year's number. The average CVE base score of the vulnerabilities in 2026 is also greater, by 2.30.

Year Vulnerabilities Average Score
2026 1 7.20
2025 1 4.90
2024 3 6.23

It may take a day or so for new Directory Server Eus vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Directory Server Eus Security Vulnerabilities

389-ds-base Heap Buffer Overflow in schema_attr_enum_callback
CVE-2025-14905 7.2 - High - February 23, 2026

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).

Heap-based Buffer Overflow

Apache Directory Server 389-ds-base ModifyDN NULL Pointer DoS
CVE-2025-2487 4.9 - Medium - March 18, 2025

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the LDAP protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs an LDAP MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.

NULL Pointer Dereference

389-ds-base LDAP DoS via Malformed Hash Login
CVE-2024-5953 5.7 - Medium - June 18, 2024

A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.

Improper Validation of Consistency within Input

389 DS LDAP Crafted Query DoS
CVE-2024-3657 7.5 - High - May 28, 2024

A flaw was found in 389-ds-base. A specially crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service.

Improper Input Validation

389 Directory Server DOS via Heap Overflow in log_entry_attr
CVE-2024-1062 5.5 - Medium - February 12, 2024

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.

Heap-based Buffer Overflow
