Fedora SSSD - System Security Services Daemon 1.16.4

CPE Details

Fedora SSSD - System Security Services Daemon 1.16.4
fedoraproject
sssd
1.16.4
2019-06-15
16h18 +00:00
2019-06-15
16h18 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:fedoraproject:sssd:1.16.4:*:*:*:*:*:*:*

Informations

Vendor

fedoraproject

Product

sssd

Version

1.16.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-4254 2023-02-01 00h00 +00:00 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
8.8
High
CVE-2019-3811 2019-01-15 15h00 +00:00 A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
5.2
Medium
CVE-2018-16883 2018-12-19 13h00 +00:00 sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.
5.5
Medium