vulnerability
Ubuntu: USN-7828-1 (CVE-2025-61911): Python LDAP vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:N/C:C/I:C/A:N) | Oct 10, 2025 | Oct 21, 2025 | Oct 30, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:N)
Published
Oct 10, 2025
Added
Oct 21, 2025
Modified
Oct 30, 2025
Description
It was discovered that Python LDAP incorrectly handled special characters
in the special character filtering function. A remote attacker could
possibly use this issue to perform LDAP injection attacks.
(CVE-2025-61911)
Arad Inbar discovered that Python LDAP incorrectly escaped NUL character
bytes. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-61912)
Solutions
ubuntu-pro-upgrade-python-ldapubuntu-pro-upgrade-python3-ldap
References
- CVE-2025-61911
- https://attackerkb.com/topics/CVE-2025-61911
- CWE-75
- CWE-843
- UBUNTU-USN-7828-1
- URL-https://github.com/python-ldap/python-ldap/commit/3957526fb1852e84b90f423d9fef34c7af25b85a
- URL-https://github.com/python-ldap/python-ldap/commit/464fddacd63092d6e01c62a38316a713c30ca98a
- URL-https://github.com/python-ldap/python-ldap/releases/tag/python-ldap-3.4.5
- URL-https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r7r6-cc7p-4v5m
- URL-https://ubuntu.com/security/notices/USN-7828-1
- URL-https://www.cve.org/CVERecord?id=CVE-2025-61911
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.