Description
A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
References (9)
Core 9
Core References
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2023-2953
Issue Tracking, Vendor Advisory
https://bugs.openldap.org/show_bug.cgi?id=9904
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230703-0005/
Third Party Advisory
https://support.apple.com/kb/HT213843
Third Party Advisory
https://support.apple.com/kb/HT213844
Third Party Advisory
https://support.apple.com/kb/HT213845
Mailing List mailing-list
http://seclists.org/fulldisclosure/2023/Jul/52
Mailing List mailing-list
http://seclists.org/fulldisclosure/2023/Jul/48
Mailing List mailing-list
http://seclists.org/fulldisclosure/2023/Jul/47
Scores
CVSS v3
7.5
EPSS
0.0142
EPSS Percentile
80.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-476
Status
published
Products (12)
apple/macos
11.0 - 11.7.9
netapp/active_iq_unified_manager
netapp/clustered_data_ontap
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/ontap_tools
openldap/openldap
2.4
... and 2 more
Published
May 30, 2023
Tracked Since
Feb 18, 2026