{"id":"CVE-2022-29155","details":"In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.","aliases":["BIT-openldap-2022-29155"],"modified":"2026-04-15T23:59:23.685372499Z","published":"2022-05-04T20:15:07.690Z","related":["SUSE-SU-2022:1670-1","SUSE-SU-2022:1671-1","SUSE-SU-2022:1685-1","SUSE-SU-2022:1771-1","SUSE-SU-2022:1832-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"10.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"11.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"9.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"}]},"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220609-0007/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5140"},{"type":"REPORT","url":"https://bugs.openldap.org/show_bug.cgi?id=9815"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openldap/openldap","events":[{"introduced":"9794f9fbe87267e8323c44a260abd2656d1652e7"},{"fixed":"2bda1fa98fbcedc6cd5995ea905427b8bef89f9d"},{"introduced":"0a6e8804ed43395db12d31ca3ccf20fe92edded1"},{"fixed":"11b24f1c4a2ff8655842409479b1f377a80596ea"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"2.0"},{"fixed":"2.5.12"},{"introduced":"2.6.0"},{"fixed":"2.6.2"}],"cpe":"cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*"}}],"versions":["OPENLDAP_REL_ENG_2_6_0","OPENLDAP_REL_ENG_2_6_1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29155.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}