{"affected":[{"ecosystem_specific":{"binaries":[{"389-ds":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","389-ds-devel":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","libsvrcore0":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15-ESPOS","name":"389-ds","purl":"pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"389-ds":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","389-ds-devel":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","libsvrcore0":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15-LTSS","name":"389-ds","purl":"pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"389-ds":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","389-ds-devel":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","libsvrcore0":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15-LTSS","name":"389-ds","purl":"pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"389-ds":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","389-ds-devel":"1.4.0.31~git15.8b9843b0b-150000.4.27.1","libsvrcore0":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15","name":"389-ds","purl":"pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.4.0.31~git15.8b9843b0b-150000.4.27.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for 389-ds fixes the following issues:\n\t  \n- CVE-2021-3652: Fixed disabled accounts may be able to bind with crypt passwords (bsc#1188455).  \n- CVE-2022-1949: Fixed full access control bypass with simple crafted query (bsc#1199889).\n- CVE-2021-4091: Fixed double free in psearch (bsc#1195324).\n","id":"SUSE-SU-2022:2109-1","modified":"2022-06-16T13:26:57Z","published":"2022-06-16T13:26:57Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20222109-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188455"},{"type":"REPORT","url":"https://bugzilla.suse.com/1195324"},{"type":"REPORT","url":"https://bugzilla.suse.com/1199889"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3652"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-4091"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-1949"}],"related":["CVE-2021-3652","CVE-2021-4091","CVE-2022-1949"],"summary":"Security update for 389-ds","upstream":["CVE-2021-3652","CVE-2021-4091","CVE-2022-1949"]}