VulnerableCode Package Details - pkg:deb/debian/sssd@1.8.4-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/sssd@1.8.4-2

Essentials
History (42)

purl	pkg:deb/debian/sssd@1.8.4-2

Next non-vulnerable version	2.12.0-4
Latest non-vulnerable version	2.12.0-4
Risk	4.0

Vulnerabilities affecting this package (11)

Vulnerability	Summary	Fixed by
VCID-5hxw-dnz2-v7by Aliases: CVE-2019-3811	sssd: fallback_homedir returns '/' for empty home directories in passwd file	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bveu-ff3p-gfh7 Aliases: CVE-2018-10852	sssd: information leak from the sssd-sudo responder	1.16.3-3.2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-d4ke-65rx-13ac Aliases: CVE-2014-0249	sssd: incorrect expansion of group membership when encountering a non-POSIX group	1.11.7-3 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-jhrd-1f8g-6ueh Aliases: CVE-2017-12173	sssd: unsanitized input when searching in local cache database	1.16.3-3.2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-r1m1-kp4g-pbc7 Aliases: CVE-2021-3621	A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution.	2.8.2-4+deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t4w3-vj56-4fcq Aliases: CVE-2023-3758	sssd: Race condition during authorization leads to GPO policies functioning inconsistently	2.8.2-4+deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t5gr-yesx-hqah Aliases: CVE-2022-4254	sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-xpwr-fzex-m7fa Aliases: CVE-2012-3462	A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.	1.11.7-3 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-yn22-35eg-1khb Aliases: CVE-2018-16838	sssd: improper implementation of GPOs due to too restrictive permissions	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zee4-1xpd-27bc Aliases: CVE-2018-16883	sssd: Information leak in infopipe due to an improper uid restriction	2.4.1-2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zz4w-9935-q3gc Aliases: CVE-2015-5292	sssd: memory leak in the sssd_pac_plugin	1.15.0-3+deb9u1 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-3sh2-437b-ayfj	sssd: Out-of-bounds read flaws in autofs and ssh services responders	CVE-2013-0220
VCID-f5pv-qsd2-gkda	sssd: DoS in sssd PAM responder can prevent logins	CVE-2010-4341
VCID-kb5t-88br-5yh8	sssd: TOCTOU race conditions by copying and removing directory trees	CVE-2013-0219

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:38:23.096092+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:33:38.413958+00:00	Debian Oval Importer	Affected by	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:57:39.544562+00:00	Debian Oval Importer	Affected by	VCID-bveu-ff3p-gfh7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:33:07.301889+00:00	Debian Oval Importer	Fixing	VCID-3sh2-437b-ayfj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:38:10.461087+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:21:30.561350+00:00	Debian Oval Importer	Affected by	VCID-xpwr-fzex-m7fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:08:35.571526+00:00	Debian Oval Importer	Fixing	VCID-kb5t-88br-5yh8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:09:02.211453+00:00	Debian Oval Importer	Fixing	VCID-f5pv-qsd2-gkda	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:21:41.419866+00:00	Debian Oval Importer	Affected by	VCID-jhrd-1f8g-6ueh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:12:21.861018+00:00	Debian Oval Importer	Affected by	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:08:52.256394+00:00	Debian Oval Importer	Affected by	VCID-zz4w-9935-q3gc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:20:19.020273+00:00	Debian Oval Importer	Affected by	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:08:59.982114+00:00	Debian Oval Importer	Affected by	VCID-d4ke-65rx-13ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:31:45.642030+00:00	Debian Oval Importer	Affected by	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:11:20.503503+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:06:51.651978+00:00	Debian Oval Importer	Affected by	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:34:00.952143+00:00	Debian Oval Importer	Affected by	VCID-bveu-ff3p-gfh7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:10:04.198049+00:00	Debian Oval Importer	Fixing	VCID-3sh2-437b-ayfj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:17:05.227013+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:01:03.332048+00:00	Debian Oval Importer	Affected by	VCID-xpwr-fzex-m7fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:48:33.586815+00:00	Debian Oval Importer	Fixing	VCID-kb5t-88br-5yh8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:52:45.641797+00:00	Debian Oval Importer	Fixing	VCID-f5pv-qsd2-gkda	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:06:52.275887+00:00	Debian Oval Importer	Affected by	VCID-jhrd-1f8g-6ueh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:57:48.683352+00:00	Debian Oval Importer	Affected by	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:54:25.781598+00:00	Debian Oval Importer	Affected by	VCID-zz4w-9935-q3gc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:06:46.959239+00:00	Debian Oval Importer	Affected by	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:55:33.776865+00:00	Debian Oval Importer	Affected by	VCID-d4ke-65rx-13ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:19:45.716353+00:00	Debian Oval Importer	Affected by	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:42:24.621244+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:38:03.313490+00:00	Debian Oval Importer	Affected by	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:09:28.358159+00:00	Debian Oval Importer	Affected by	VCID-bveu-ff3p-gfh7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:46:35.851460+00:00	Debian Oval Importer	Fixing	VCID-3sh2-437b-ayfj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:55:54.889857+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:40:17.425995+00:00	Debian Oval Importer	Affected by	VCID-xpwr-fzex-m7fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:28:15.312048+00:00	Debian Oval Importer	Fixing	VCID-kb5t-88br-5yh8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:37:32.014048+00:00	Debian Oval Importer	Fixing	VCID-f5pv-qsd2-gkda	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:53:19.867757+00:00	Debian Oval Importer	Affected by	VCID-jhrd-1f8g-6ueh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:44:34.618664+00:00	Debian Oval Importer	Affected by	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:41:17.473442+00:00	Debian Oval Importer	Affected by	VCID-zz4w-9935-q3gc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:55:59.065646+00:00	Debian Oval Importer	Affected by	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:45:18.552417+00:00	Debian Oval Importer	Affected by	VCID-d4ke-65rx-13ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:14:28.543477+00:00	Debian Oval Importer	Affected by	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0