CVE-2025-14905 in 389-ds-baseinfo

Zusammenfassung

von MITRE • 23.02.2026

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Redhat

Reservieren

18.12.2025

Veröffentlichung

23.02.2026

Moderieren

akzeptiert

Eintrag

VDB-347387

CPE

bereit

CWE

CWE-122 (bestätigt)

CVSS

7.2 (CNA)

EPSS

0.00315

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-14905
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-14905
CVE Details	https://www.cvedetails.com/cve/CVE-2025-14905/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!