| Max CVSS | 5.0 | Min CVSS | 2.7 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-3811 | 2.7 |
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem ac
|
29-05-2023 - 17:15 | 15-01-2019 - 15:29 | |
| CVE-2018-10852 | 5.0 |
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available fo
|
09-10-2019 - 23:33 | 26-06-2018 - 14:29 | |
| CVE-2017-12173 | 4.0 |
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a gi
|
09-10-2019 - 23:22 | 27-07-2018 - 16:29 |