5.5

CVE-2024-1062

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.

Data is provided by the National Vulnerability Database (NVD)
Redhat389 Directory Server Version < 2.2.0
RedhatDirectory Server Version-
RedhatDirectory Server Version11.7
RedhatDirectory Server Version11.8
FedoraprojectFedora Version39
FedoraprojectFedora Version40
FedoraprojectFedora Version41
RedhatDirectory Server Version12.0
   RedhatEnterprise Linux Eus Version9.2
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Eus Version8.6
RedhatEnterprise Linux Eus Version8.8
RedhatEnterprise Linux Eus Version9.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.044
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
secalert@redhat.com 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().