Home > Vulnerability Database > WS-2021-0433

Mend.io Vulnerability Database

WS-2021-0433

Date: August 19, 2025

The LDAP schema parser of python-ldap 3.3.1 and earlier are vulnerable to a regular expression denial-of-service attack. The issue affects clients that use ldap.schema package to parse LDAP schema definitions from an untrusted source. The upcoming release of python-ldap 3.4.0 will contain a workaround to prevent ReDoS attacks. The schema parser refuses schema definitions with an excessive amount of backslashes.

Language: Python

Severity Score

6.5

Related Resources (5)

Url: https://github.com/advisories/GHSA-r8wq-qrxc-hmcm

Url: https://github.com/python-ldap/python-ldap/issues/424

Url: https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm

Url: https://github.com/python-ldap/python-ldap

Url: https://www.mend.io/vulnerability-database/WS-2021-0433

Severity Score

6.5

Weakness Type (CWE)

Uncontrolled Resource Consumption

CWE-400

Inefficient Regular Expression Complexity

CWE-1333

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2021-0433

Date: August 19, 2025

Language: Python

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?