Netatalk LDAP Filter Injection Vulnerability

Vulnerability

A vulnerability allowing LDAP filter injection has been identified in Netatalk versions 2.1.0 through 4.4.2. The issue arises because name values that a client can influence are incorporated into LDAP lookup filters without the escaping of filter metacharacters that RFC 4515 requires. In deployments that use LDAP for access control lists or identity mapping, this could lead to authorization or lookup errors.
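As an added illustration of the general mitigation for this bug class (example code written for this page, not Netatalk's own code and not the patch that shipped in 4.5.0), the C below escapes a client-influenced value per RFC 4515 before it is placed in a filter, validates the attribute name, and provides a small audit helper that counts unescaped parentheses in the finished filter so a test can confirm a single-equality lookup has not grown extra clauses. All function names and the sample inputs are constructed for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Escape one assertion value for use inside an LDAP search filter
 * (RFC 4515 section 3). The metacharacters '*', '(', ')' and '\' become a
 * backslash followed by two hex digits, so the value can only be read as a
 * literal string. Control bytes below 0x20 are escaped too, which the RFC
 * permits. Returns a malloc'd buffer the caller frees, or NULL. */
char *ldap_filter_escape(const char *value)
{
    size_t len = strlen(value);
    char *out = malloc(len * 3 + 1);   /* worst case: every byte becomes 3 */
    if (!out) return NULL;
    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)value[i];
        if (c == '*' || c == '(' || c == ')' || c == '\\' || c < 0x20)
            o += (size_t)sprintf(out + o, "\\%02x", (unsigned)c);
        else
            out[o++] = (char)c;
    }
    out[o] = '\0';
    return out;
}

/* Attribute types are fixed by the server schema, never by the client;
 * accept only the RFC 4512 "descr" shape: letter, then letters/digits/'-'. */
int valid_attribute_type(const char *attr)
{
    if (!attr || !((attr[0] >= 'A' && attr[0] <= 'Z') || (attr[0] >= 'a' && attr[0] <= 'z')))
        return 0;
    for (size_t i = 1; attr[i]; i++) {
        char c = attr[i];
        int ok = (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
                 (c >= '0' && c <= '9') || c == '-';
        if (!ok) return 0;
    }
    return 1;
}

/* Build "(attr=value)" for a name lookup, escaping the value first.
 * Hypothetical helper standing in for the kind of uid/group lookup an
 * LDAP-backed ACL or identity mapping performs. Returns malloc'd filter or NULL. */
char *build_equality_filter(const char *attr, const char *value)
{
    if (!valid_attribute_type(attr) || !value) return NULL;
    char *esc = ldap_filter_escape(value);
    if (!esc) return NULL;
    size_t n = strlen(attr) + strlen(esc) + 4;   /* '(' '=' ')' NUL */
    char *filter = malloc(n);
    if (filter) snprintf(filter, n, "(%s=%s)", attr, esc);
    free(esc);
    return filter;
}

/* Audit helper: count occurrences of ch that are not part of a "\hh"
 * escape. For a single equality filter the unescaped '(' count must be 1;
 * anything higher means a value reached the filter without escaping. */
size_t count_unescaped(const char *s, char ch)
{
    size_t n = 0;
    for (size_t i = 0; s[i]; i++) {
        if (s[i] == '\\') {          /* skip the two hex digits that follow */
            if (s[i + 1]) i++;
            if (s[i + 1]) i++;
            continue;
        }
        if (s[i] == ch) n++;
    }
    return n;
}

int main(void)
{
    /* constructed sample names: one plain, one containing every metacharacter */
    const char *samples[] = { "alice", "a*(b)\\c" };
    for (size_t i = 0; i < 2; i++) {
        char *f = build_equality_filter("uid", samples[i]);
        if (!f) continue;
        printf("%-10s -> %s  unescaped '(': %zu\n",
               samples[i], f, count_unescaped(f, '('));
        free(f);
    }
    return 0;
}
```

The audit helper is the piece worth keeping in a test suite: feed every lookup path a name containing `*`, `(`, `)` and `\` and assert the resulting filter still has exactly one unescaped opening parenthesis.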

Impact

Exploitation of this vulnerability could cause confusion in authorization or lookup processes, particularly in environments that rely on LDAP-backed access control or identity mapping.

Remediation

Users should upgrade to Netatalk version 4.5.0 or later, which includes the fix. For deployments still on Netatalk 4.4.2, the patch can also be applied manually. The Netatalk team advises against patching existing deployments ahead of an upgrade, given the low likelihood of practical exploitation.

Added: May 21, 2026, 8:37 AM
Updated: May 21, 2026, 8:37 AM

Vulnerability Rating (custom algorithm)

spread          4.5
impact          1.3
exploitability  6.3
remediation     7.9
relevance       9.0
threat          0.0
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.