{"id":"CVE-2021-46823","details":"python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.","aliases":["GHSA-qfr5-wjpw-q4c4"],"modified":"2026-03-20T11:45:16.463294Z","published":"2022-06-18T16:15:08.173Z","related":["GHSA-r8wq-qrxc-hmcm","MGASA-2022-0310"],"references":[{"type":"ADVISORY","url":"https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221507"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/python-ldap/python-ldap","events":[{"introduced":"0"},{"fixed":"47975ee75c84748abfb8bb7456d5cc0a34cfce41"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.4.0"}]}}],"versions":["python-ldap-2.3.0","python-ldap-2.3.10","python-ldap-2.3.11","python-ldap-2.3.13","python-ldap-2.3.3","python-ldap-2.3.4","python-ldap-2.3.7","python-ldap-2.3.8","python-ldap-2.3.9","python-ldap-2.4.10","python-ldap-2.4.12","python-ldap-2.4.13","python-ldap-2.4.20","python-ldap-2.4.21","python-ldap-2.4.23","python-ldap-2.4.26","python-ldap-2.4.27","python-ldap-2.4.28","python-ldap-2.4.29","python-ldap-2.4.30","python-ldap-2.4.31","python-ldap-2.4.32","python-ldap-2.4.33","python-ldap-2.4.35","python-ldap-2.4.36","python-ldap-2.4.37","python-ldap-2.4.38","python-ldap-2.4.39","python-ldap-2.4.4","python-ldap-2.4.40","python-ldap-2.4.41","python-ldap-2.4.42","python-ldap-2.4.43","python-ldap-2.4.44","python-ldap-2.4.45","python-ldap-2.4.6","python-ldap-2.4.7","python-ldap-2.4.9","python-ldap-2.5.0","python-ldap-2.5.1","python-ldap-3.0.0","python-ldap-3.0.0b1","python-ldap-3.0.0b2","python-ldap-3.0.0b3","python-ldap-3.0.0b4","python-ldap-3.1.0","python-ldap-3.2.0","python-ldap-3.3.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-46823.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}