VDB
ALPINE-CVE-2020-36224
ALPINE-CVE-2020-36224
PUBLISHED
CVSS 7.5 HIGH
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.13 | openldap | 2.4.11-r0, 2.4.16-r0, 2.4.16-r1 |
| Alpine:v3.18 | openldap | 2.4.24-r1, 0, 2.4.11-r0 |
| Alpine:v3.17 | openldap | 2.4.11-r0, 2.4.56-r0, 2.4.54-r0 |
| Alpine:v3.21 | openldap | 0, 2.4.56-r0, 2.4.54-r0 |
| Alpine:v3.15 | openldap | 2.4.11-r0, 0, 2.4.54-r0 |
| Alpine:v3.20 | openldap | 2.4.56-r0, 2.4.54-r0, 2.4.52-r0 |
| Alpine:v3.14 | openldap | 2.4.44-r2, 0, 2.4.11-r0 |
| Alpine:v3.23 | openldap | 2.4.11-r0, 2.4.56-r0, 2.4.54-r0 |
| Alpine:v3.19 | openldap | 0, 2.4.11-r0, 2.4.16-r1 |
| Alpine:v3.22 | openldap | 2.4.54-r0, 2.4.56-r0, 2.4.11-r0 |
| Alpine:v3.16 | openldap | 2.4.56-r0, 2.4.54-r0, 2.4.52-r0 |
Timeline
- Jan 26, 2021 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch