Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenLDAP libldap 信任管理问题漏洞
Vulnerability Description
OpenLDAP是美国OpenLDAP(Openldap)基金会的一个轻型目录访问协议(LDAP)的开源实现。 OpenLDAP libldap中存在信任管理问题漏洞,该漏洞源于程序存在证书验证缺陷。攻击者可利用该漏洞发起中间人攻击,并获得端点之间通信通道的访问权限,进而获取敏感信息或进一步入侵系统。
CVSS Information
N/A
Vulnerability Type
N/A