products / openldap

OpenLDAP

OpenLDAP is the widely deployed open-source LDAP implementation used as a directory backend for enterprise identity. Attestd filters NVD results through cpe:2.3:a:openldap:openldap. Example JSON is illustrative.

api usage

Querying OpenLDAP

product slugopenldap

version format2.5.14, 2.6.8, dotted

bash

curl "https://api.attestd.io/v1/check?product=openldap&version=2.5.14" \
  -H "Authorization: Bearer $ATTESTD_KEY"

OpenLDAP 2.5.14 is in range for CVE-2023-2953 (null pointer dereference via malformed LDAP request). Expect elevated or high risk_state after synthesis.

json

{
  "product": "openldap",
  "version": "2.5.14",
  "supported": true,
  "risk_state": "high",
  "risk_factors": [
    "denial_of_service",
    "patch_available",
    "internet_exposed_service"
  ],
  "actively_exploited": false,
  "remote_exploitable": true,
  "authentication_required": false,
  "patch_available": true,
  "fixed_version": "2.5.16",
  "confidence": 0.78,
  "cve_ids": ["CVE-2023-2953"],
  "last_updated": "2026-05-13T18:00:00Z",
  "supply_chain": null
}

safe version

OpenLDAP 2.6.8 is a newer release line for illustrative "safe" queries; confirm with live API after ingestion.

bash

curl "https://api.attestd.io/v1/check?product=openldap&version=2.6.8" \
  -H "Authorization: Bearer $ATTESTD_KEY"

notable cves

CVE history

CVE	Description	CVSS
`CVE-2023-2953`	Null pointer dereference via malformed LDAP request (DoS / crash).	7.5

All products Keycloak FreeIPA Response Field Reference