Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/sssd@2.12.0-4?distro=trixie
purl pkg:deb/debian/sssd@2.12.0-4?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (20)
Vulnerability Summary Aliases
VCID-3sh2-437b-ayfj sssd: Out-of-bounds read flaws in autofs and ssh services responders CVE-2013-0220
VCID-5hxw-dnz2-v7by sssd: fallback_homedir returns '/' for empty home directories in passwd file CVE-2019-3811
VCID-68qt-2ghp-dba7 sssd: allows null password entry to authenticate against LDAP CVE-2010-2940
VCID-9vna-wqey-kkdm SSSD accepts any password when offline with a valid TGT available CVE-2010-0014
VCID-bveu-ff3p-gfh7 sssd: information leak from the sssd-sudo responder CVE-2018-10852
VCID-d4ke-65rx-13ac sssd: incorrect expansion of group membership when encountering a non-POSIX group CVE-2014-0249
VCID-f5pv-qsd2-gkda sssd: DoS in sssd PAM responder can prevent logins CVE-2010-4341
VCID-gn4q-ub2s-hbcz The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname. CVE-2011-1758
VCID-jhrd-1f8g-6ueh sssd: unsanitized input when searching in local cache database CVE-2017-12173
VCID-kb5t-88br-5yh8 sssd: TOCTOU race conditions by copying and removing directory trees CVE-2013-0219
VCID-r1m1-kp4g-pbc7 A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution. CVE-2021-3621
VCID-t4w3-vj56-4fcq sssd: Race condition during authorization leads to GPO policies functioning inconsistently CVE-2023-3758
VCID-t5gr-yesx-hqah sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters CVE-2022-4254
VCID-w78p-q142-juh7 The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection. CVE-2009-2410
VCID-wz3w-7eag-83ft sssd: simple access provider flaw prevents intended ACL use when client to an AD provider CVE-2013-0287
VCID-xpwr-fzex-m7fa A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context. CVE-2012-3462
VCID-yn22-35eg-1khb sssd: improper implementation of GPOs due to too restrictive permissions CVE-2018-16838
VCID-zee4-1xpd-27bc sssd: Information leak in infopipe due to an improper uid restriction CVE-2018-16883
VCID-ztj4-pvvh-wuay sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems CVE-2025-11561
VCID-zz4w-9935-q3gc sssd: memory leak in the sssd_pac_plugin CVE-2015-5292

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-02T06:44:58.123057+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T06:34:02.900671+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T06:15:23.709552+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:45:55.241494+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:44:10.632465+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:26:33.099806+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:23:44.649467+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T02:59:54.654436+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T02:44:22.447180+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T02:39:28.163585+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T01:51:36.939710+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:58:46.943258+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:35:49.995726+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:04:21.734764+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:02:28.747895+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T23:57:12.161944+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:52:24.692610+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:22:47.188767+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:20:48.766303+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-04-28T13:54:41.424431+00:00 Debian Importer Fixing VCID-ztj4-pvvh-wuay https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:29:44.028518+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:02:05.642709+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:59:37.797693+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:51:42.143463+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:47:36.048864+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:44:27.209746+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:23:20.340977+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:43:11.304690+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:36:44.141566+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:34:27.799143+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:33:19.475943+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:20:43.343095+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:01:59.719289+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:50:31.150405+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:43:37.521376+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:02:32.163815+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:38:10.582500+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:35:45.219300+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:54:34.572543+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:18:47.685231+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:57:33.579697+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:55:41.187737+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:49:39.915546+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:46:32.041420+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:44:11.606457+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:28:37.190054+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:59:17.991072+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:54:53.437667+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:53:26.467039+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:52:39.176715+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:43:22.414574+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:29:25.633013+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:20:25.050922+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:15:14.126331+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:44:10.197856+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:24:47.510102+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:23:25.198971+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:58:45.603499+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:53:27.035877+00:00 Debian Importer Fixing VCID-ztj4-pvvh-wuay https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.989273+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.941317+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.897315+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.837477+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.788267+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.735200+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.685256+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.635246+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.586933+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.542530+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.490854+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.448212+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.399557+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.350636+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.308628+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.261481+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.199421+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.150202+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.107021+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.1.0