CVE-2020-36221

Severity: 7.5 HIGH
EPSS: 47.6% (top 2.30%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 26; latest update Aug 17

Description

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (5 packages)

Source   Package              Affected versions
NVD      openldap/openldap    < 2.4.57
Debian   openldap             < 2.4.57+dfsg-1 (+3)
Ubuntu   openldap             < 2.4.42+dfsg-2ubuntu3.12 (+3)
NVD      apple/macos          11.1 to 11.4
NVD      apple/mac_os_x       10.14.0 to 10.14.6 (+1)

Also affects: Debian Linux 10.0, 9.0

Patches

Vulnerability Details (5)

OSV: openldap vulnerabilities (2025-08-17)
GHSA: GHSA-xm66-m73v-859r: An integer underflow was discovered in OpenLDAP before 2 (2022-05-24)
OSV: openldap vulnerabilities (2021-02-08)
OSV: CVE-2020-36221: An integer underflow was discovered in OpenLDAP before 2 (2021-01-26)
CVEList: CVE-2020-36221: An integer underflow was discovered in OpenLDAP before 2 (2021-01-25)

Vendor Advisories (8)

Ubuntu: OpenLDAP vulnerabilities (2025-08-17)
Apple: CVE-2020-36221: Security Update 2021-003 Catalina (2021-05-24)
Apple: CVE-2020-36221: Security Update 2021-004 Mojave (2021-05-24)
Apple: CVE-2020-36221: macOS Big Sur 11.4 (2021-05-24)
Ubuntu: OpenLDAP vulnerabilities (2021-02-08)