VulnerableCode Package Details - pkg:deb/debian/sssd@1.11.7-3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/sssd@1.11.7-3

Essentials
History (33)

purl	pkg:deb/debian/sssd@1.11.7-3

Next non-vulnerable version	2.12.0-4
Latest non-vulnerable version	2.12.0-4
Risk	4.0

Vulnerabilities affecting this package (9)

Vulnerability	Summary	Fixed by
VCID-5hxw-dnz2-v7by Aliases: CVE-2019-3811	sssd: fallback_homedir returns '/' for empty home directories in passwd file	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bveu-ff3p-gfh7 Aliases: CVE-2018-10852	sssd: information leak from the sssd-sudo responder	1.16.3-3.2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-jhrd-1f8g-6ueh Aliases: CVE-2017-12173	sssd: unsanitized input when searching in local cache database	1.16.3-3.2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-r1m1-kp4g-pbc7 Aliases: CVE-2021-3621	A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution.	2.8.2-4+deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t4w3-vj56-4fcq Aliases: CVE-2023-3758	sssd: Race condition during authorization leads to GPO policies functioning inconsistently	2.8.2-4+deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t5gr-yesx-hqah Aliases: CVE-2022-4254	sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-yn22-35eg-1khb Aliases: CVE-2018-16838	sssd: improper implementation of GPOs due to too restrictive permissions	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zee4-1xpd-27bc Aliases: CVE-2018-16883	sssd: Information leak in infopipe due to an improper uid restriction	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zz4w-9935-q3gc Aliases: CVE-2015-5292	sssd: memory leak in the sssd_pac_plugin	1.15.0-3+deb9u1 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-d4ke-65rx-13ac	sssd: incorrect expansion of group membership when encountering a non-POSIX group	CVE-2014-0249
VCID-xpwr-fzex-m7fa	A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.	CVE-2012-3462

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:38:23.099720+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:33:38.417414+00:00	Debian Oval Importer	Affected by	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:57:39.548756+00:00	Debian Oval Importer	Affected by	VCID-bveu-ff3p-gfh7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:38:10.464596+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:21:30.565448+00:00	Debian Oval Importer	Fixing	VCID-xpwr-fzex-m7fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:21:41.423482+00:00	Debian Oval Importer	Affected by	VCID-jhrd-1f8g-6ueh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:12:21.864364+00:00	Debian Oval Importer	Affected by	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:08:52.260168+00:00	Debian Oval Importer	Affected by	VCID-zz4w-9935-q3gc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:20:19.023984+00:00	Debian Oval Importer	Affected by	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:08:59.985466+00:00	Debian Oval Importer	Fixing	VCID-d4ke-65rx-13ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:31:45.645292+00:00	Debian Oval Importer	Affected by	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:11:20.505621+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:06:51.663335+00:00	Debian Oval Importer	Affected by	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:34:00.955819+00:00	Debian Oval Importer	Affected by	VCID-bveu-ff3p-gfh7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:17:05.231300+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:01:03.335824+00:00	Debian Oval Importer	Fixing	VCID-xpwr-fzex-m7fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:06:52.279983+00:00	Debian Oval Importer	Affected by	VCID-jhrd-1f8g-6ueh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:57:48.687622+00:00	Debian Oval Importer	Affected by	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:54:25.785538+00:00	Debian Oval Importer	Affected by	VCID-zz4w-9935-q3gc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:06:46.963026+00:00	Debian Oval Importer	Affected by	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:55:33.780907+00:00	Debian Oval Importer	Fixing	VCID-d4ke-65rx-13ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:19:45.720474+00:00	Debian Oval Importer	Affected by	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:42:24.625419+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:38:03.317798+00:00	Debian Oval Importer	Affected by	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:09:28.362152+00:00	Debian Oval Importer	Affected by	VCID-bveu-ff3p-gfh7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:55:54.894303+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:40:17.436658+00:00	Debian Oval Importer	Fixing	VCID-xpwr-fzex-m7fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:53:19.872122+00:00	Debian Oval Importer	Affected by	VCID-jhrd-1f8g-6ueh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:44:34.623477+00:00	Debian Oval Importer	Affected by	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:41:17.478227+00:00	Debian Oval Importer	Affected by	VCID-zz4w-9935-q3gc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:55:59.069940+00:00	Debian Oval Importer	Affected by	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:45:18.557287+00:00	Debian Oval Importer	Fixing	VCID-d4ke-65rx-13ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:14:28.549329+00:00	Debian Oval Importer	Affected by	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0