VulnerableCode Package Details - pkg:deb/debian/sssd@2.4.1-2

Search for packages

Vulnerability	Summary	Fixed by
VCID-r1m1-kp4g-pbc7 Aliases: CVE-2021-3621	A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution.	2.8.2-4+deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t4w3-vj56-4fcq Aliases: CVE-2023-3758	sssd: Race condition during authorization leads to GPO policies functioning inconsistently	2.8.2-4+deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ztj4-pvvh-wuay Aliases: CVE-2025-11561	sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems	2.12.0-4 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-r1m1-kp4g-pbc7
Aliases:
CVE-2021-3621

A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution.

2.8.2-4+deb12u1
Affected by 1 other vulnerability.

VCID-t4w3-vj56-4fcq
Aliases:
CVE-2023-3758

sssd: Race condition during authorization leads to GPO policies functioning inconsistently

2.8.2-4+deb12u1
Affected by 1 other vulnerability.

VCID-ztj4-pvvh-wuay
Aliases:
CVE-2025-11561

sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems

2.12.0-4
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5hxw-dnz2-v7by	sssd: fallback_homedir returns '/' for empty home directories in passwd file	CVE-2019-3811
VCID-t5gr-yesx-hqah	sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters	CVE-2022-4254
VCID-yn22-35eg-1khb	sssd: improper implementation of GPOs due to too restrictive permissions	CVE-2018-16838
VCID-zee4-1xpd-27bc	sssd: Information leak in infopipe due to an improper uid restriction	CVE-2018-16883

Vulnerability

Summary

Aliases

VCID-5hxw-dnz2-v7by

sssd: fallback_homedir returns '/' for empty home directories in passwd file

CVE-2019-3811

VCID-t5gr-yesx-hqah

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

CVE-2022-4254

VCID-yn22-35eg-1khb

sssd: improper implementation of GPOs due to too restrictive permissions

CVE-2018-16838

VCID-zee4-1xpd-27bc

sssd: Information leak in infopipe due to an improper uid restriction

CVE-2018-16883

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:08:52.337487+00:00	Debian Importer	Affected by	VCID-ztj4-pvvh-wuay	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T00:38:23.113814+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:33:38.430976+00:00	Debian Oval Importer	Fixing	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:38:10.478464+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:12:21.877667+00:00	Debian Oval Importer	Fixing	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:20:19.038438+00:00	Debian Oval Importer	Fixing	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:31:45.658950+00:00	Debian Oval Importer	Fixing	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T07:34:29.050595+00:00	Debian Importer	Affected by	VCID-ztj4-pvvh-wuay	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T00:11:20.513807+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:06:51.685045+00:00	Debian Oval Importer	Fixing	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:17:05.247483+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:57:48.704712+00:00	Debian Oval Importer	Fixing	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:06:46.978113+00:00	Debian Oval Importer	Fixing	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:19:45.736643+00:00	Debian Oval Importer	Fixing	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:42:24.642710+00:00	Debian Oval Importer	Affected by	VCID-t4w3-vj56-4fcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:38:03.337245+00:00	Debian Oval Importer	Fixing	VCID-t5gr-yesx-hqah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:55:54.912456+00:00	Debian Oval Importer	Affected by	VCID-r1m1-kp4g-pbc7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:02:09.975791+00:00	Debian Importer	Affected by	VCID-ztj4-pvvh-wuay	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T17:44:34.642130+00:00	Debian Oval Importer	Fixing	VCID-yn22-35eg-1khb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:55:59.087014+00:00	Debian Oval Importer	Fixing	VCID-zee4-1xpd-27bc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:14:28.573276+00:00	Debian Oval Importer	Fixing	VCID-5hxw-dnz2-v7by	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0