CVE-2024-1062
Published: Feb 12, 2024
Modified: Feb 25, 2026
CVSS v3.1
5.5
Description
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
| Vendor | Product | Versions |
|---|---|---|
Unknown | 389-ds-base | affected 1.4.3.0 - < 2.2.*unaffected 2.3.0 - < * |
Red Hat | Red Hat Directory Server 11.5 E4S for RHEL 8 | unaffected 8060020250210084424.0ca98e7e - < * |
Red Hat | Red Hat Directory Server 11.7 for RHEL 8 | unaffected 8080020240306153507.f969626e - < * |
Red Hat | Red Hat Directory Server 11.8 for RHEL 8 | unaffected 8090020240606122459.91529cd0 - < * |
Red Hat | Red Hat Directory Server 12.2 EUS for RHEL 9 | unaffected 9020020240916150035.1674d574 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8100020240315011748.945b6f6d - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020240213164457.824efc52 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020240807050952.6dbb3803 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unaffected 0:2.2.4-9.el9_2 - < * |
Red Hat | Red Hat Directory Server 12 | All versions |
Red Hat | Red Hat Enterprise Linux 6 | All versions |
Red Hat | Red Hat Enterprise Linux 7 | All versions |
Red Hat | Red Hat Enterprise Linux 9 | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now