6.3

CVE-2026-11787

389-ds-base: 389-ds-base: heap buffer over-read in ldap_utf8prev() via str2simple filter parsing

A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatDirectory Server Version11.0
RedhatDirectory Server Version12.0
RedhatDirectory Server Version13.0
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Version10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.074
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.3 2.8 3.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
secalert@redhat.com 5 1.6 3.4
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
CWE-126 Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

https://access.redhat.com/security/cve/CVE-2026-11787
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2485425
Vendor Advisory
Issue Tracking