Fluid Attacks Database

Description

It was found that the fix for CVE-2018-14648 was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel7.5	389-ds-base	<0:1.3.7.5-30.el7_5	0:1.3.7.5-30.el7_5
rpm rhel7	389-ds-base	-	-

Aliases

1. CVE-2019-101712. NVD-2019-101713. OSV-2019-10171

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.