Actions
Security #7465
closedldap: bound of number of transactions is not fully enforced
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
MODERATE
Disclosure Date:
03/17/2025
Description
Found by oss-fuzz
https://issues.oss-fuzz.com/u/1/issues/383880390
No need to backport as only in 8
If a 1 Mbyte chunk is parsed in one go, we can create many transactions, and have quadratic complexity with find_request
Updated by Philippe Antoine 7 months ago
- Status changed from New to In Review
Updated by Philippe Antoine 6 months ago
- Status changed from In Review to Closed
Updated by Juliana Fajardini Reichow 3 days ago
- Private changed from Yes to No
Making public as per the disclosure date.
Actions