Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/sssd@1.11.7.3-3~bpo70%2B1

Type deb

Namespace debian

Name sssd

Version 1.11.7.3-3~bpo70+1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.12.0-4

Latest_non_vulnerable_version 2.12.0-4

Affected_by_vulnerabilities

url VCID-5hxw-dnz2-v7by

vulnerability_id VCID-5hxw-dnz2-v7by

summary sssd: fallback_homedir returns '/' for empty home directories in passwd file

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3811.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3811.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3811

reference_id

reference_type

scores

value	0.00117
scoring_system	epss
scoring_elements	0.30475
published_at	2026-04-01T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.29999
published_at	2026-05-07T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30257
published_at	2026-04-24T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30142
published_at	2026-04-26T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30065
published_at	2026-04-29T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.29927
published_at	2026-05-05T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30503
published_at	2026-04-02T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30549
published_at	2026-04-04T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30359
published_at	2026-04-07T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30419
published_at	2026-04-08T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30454
published_at	2026-04-09T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30457
published_at	2026-04-11T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30412
published_at	2026-04-12T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30363
published_at	2026-04-13T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30381
published_at	2026-04-16T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30362
published_at	2026-04-18T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30318
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3811

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3811

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html

reference_url	http://www.securityfocus.com/bid/106644
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106644

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1656618
reference_id	1656618
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1656618

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919051
reference_id	919051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919051

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd::::::::
reference_id	cpe:2.3:a:fedoraproject:sssd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:-:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-3811

reference_id

CVE-2019-3811

reference_type

scores

value	2.7
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:S/C:N/I:N/A:P

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

value	5.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-3811

reference_url	https://access.redhat.com/errata/RHSA-2019:2177
reference_id	RHSA-2019:2177
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2177

reference_url	https://usn.ubuntu.com/5067-1/
reference_id	USN-5067-1
reference_type
scores
url	https://usn.ubuntu.com/5067-1/

fixed_packages

url pkg:deb/debian/sssd@2.4.1-2

purl pkg:deb/debian/sssd@2.4.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2

aliases CVE-2019-3811

risk_score 2.4

exploitability 0.5

weighted_severity 4.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hxw-dnz2-v7by

url VCID-bveu-ff3p-gfh7

vulnerability_id VCID-bveu-ff3p-gfh7

summary sssd: information leak from the sssd-sudo responder

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10852.json

reference_id

reference_type

scores

value	3.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10852.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10852

reference_id

reference_type

scores

value	0.00273
scoring_system	epss
scoring_elements	0.50657
published_at	2026-04-01T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50658
published_at	2026-05-07T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50722
published_at	2026-04-24T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.5073
published_at	2026-04-26T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50684
published_at	2026-04-29T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50605
published_at	2026-05-05T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50711
published_at	2026-04-02T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50736
published_at	2026-04-04T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50692
published_at	2026-04-07T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50748
published_at	2026-04-13T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50744
published_at	2026-04-09T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50788
published_at	2026-04-16T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50764
published_at	2026-04-12T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50793
published_at	2026-04-18T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50773
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10852

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10852

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html

reference_url	http://www.securityfocus.com/bid/104547
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104547

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1588810
reference_id	1588810
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1588810

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902860
reference_id	902860
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902860

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd::::::::
reference_id	cpe:2.3:a:fedoraproject:sssd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-10852

reference_id

CVE-2018-10852

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	3.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-10852

reference_url	https://access.redhat.com/errata/RHSA-2018:3158
reference_id	RHSA-2018:3158
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3158

reference_url	https://usn.ubuntu.com/5067-1/
reference_id	USN-5067-1
reference_type
scores
url	https://usn.ubuntu.com/5067-1/

fixed_packages

url pkg:deb/debian/sssd@1.16.3-3.2

purl pkg:deb/debian/sssd@1.16.3-3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.16.3-3.2

aliases CVE-2018-10852

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bveu-ff3p-gfh7

url VCID-jhrd-1f8g-6ueh

vulnerability_id VCID-jhrd-1f8g-6ueh

summary sssd: unsanitized input when searching in local cache database

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12173.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12173.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12173

reference_id

reference_type

scores

value	0.00447
scoring_system	epss
scoring_elements	0.6343
published_at	2026-04-01T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63587
published_at	2026-05-07T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63571
published_at	2026-04-29T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63543
published_at	2026-05-05T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63489
published_at	2026-04-02T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63516
published_at	2026-04-04T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.6348
published_at	2026-04-07T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63532
published_at	2026-04-08T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63549
published_at	2026-04-12T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63565
published_at	2026-04-11T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63515
published_at	2026-04-13T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63552
published_at	2026-04-16T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63559
published_at	2026-04-18T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63544
published_at	2026-04-21T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63562
published_at	2026-04-24T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63576
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12173

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12173
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12173

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:P/I:N/A:N

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1498173
reference_id	1498173
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1498173

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877885
reference_id	877885
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877885

reference_url	https://access.redhat.com/errata/RHSA-2017:3379
reference_id	RHSA-2017:3379
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3379

reference_url	https://access.redhat.com/errata/RHSA-2018:1877
reference_id	RHSA-2018:1877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1877

reference_url	https://usn.ubuntu.com/3526-1/
reference_id	USN-3526-1
reference_type
scores
url	https://usn.ubuntu.com/3526-1/

fixed_packages

url pkg:deb/debian/sssd@1.16.3-3.2

purl pkg:deb/debian/sssd@1.16.3-3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.16.3-3.2

aliases CVE-2017-12173

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jhrd-1f8g-6ueh

url VCID-r1m1-kp4g-pbc7

vulnerability_id VCID-r1m1-kp4g-pbc7

summary A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3621.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3621.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3621

reference_id

reference_type

scores

value	0.00384
scoring_system	epss
scoring_elements	0.59531
published_at	2026-04-01T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59654
published_at	2026-05-07T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59647
published_at	2026-04-29T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59606
published_at	2026-05-05T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59605
published_at	2026-04-02T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.5963
published_at	2026-04-04T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59599
published_at	2026-04-07T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.5965
published_at	2026-04-08T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59663
published_at	2026-04-09T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59683
published_at	2026-04-11T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59665
published_at	2026-04-12T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59646
published_at	2026-04-13T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59679
published_at	2026-04-16T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59687
published_at	2026-04-18T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59671
published_at	2026-04-21T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59641
published_at	2026-04-24T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.59661
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3621

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1975142
reference_id	1975142
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1975142

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992710
reference_id	992710
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992710

reference_url

https://security.archlinux.org/AVG-2314

reference_id

AVG-2314

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2314

reference_url	https://security.gentoo.org/glsa/202407-05
reference_id	GLSA-202407-05
reference_type
scores
url	https://security.gentoo.org/glsa/202407-05

reference_url	https://access.redhat.com/errata/RHSA-2021:3151
reference_id	RHSA-2021:3151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3151

reference_url	https://access.redhat.com/errata/RHSA-2021:3178
reference_id	RHSA-2021:3178
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3178

reference_url	https://access.redhat.com/errata/RHSA-2021:3235
reference_id	RHSA-2021:3235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3235

reference_url	https://access.redhat.com/errata/RHSA-2021:3336
reference_id	RHSA-2021:3336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3336

reference_url	https://access.redhat.com/errata/RHSA-2021:3365
reference_id	RHSA-2021:3365
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3365

reference_url	https://access.redhat.com/errata/RHSA-2021:3477
reference_id	RHSA-2021:3477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3477

reference_url	https://usn.ubuntu.com/5067-1/
reference_id	USN-5067-1
reference_type
scores
url	https://usn.ubuntu.com/5067-1/

fixed_packages

url pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1

purl pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.8.2-4%252Bdeb12u1

aliases CVE-2021-3621

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1m1-kp4g-pbc7

url VCID-t4w3-vj56-4fcq

vulnerability_id VCID-t4w3-vj56-4fcq

summary sssd: Race condition during authorization leads to GPO policies functioning inconsistently

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3758.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3758.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3758

reference_id

reference_type

scores

value	0.00029
scoring_system	epss
scoring_elements	0.08154
published_at	2026-05-07T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08113
published_at	2026-04-13T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.0802
published_at	2026-04-16T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08004
published_at	2026-04-18T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08161
published_at	2026-04-21T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08118
published_at	2026-04-24T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08081
published_at	2026-04-26T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08053
published_at	2026-04-29T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08023
published_at	2026-05-05T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08135
published_at	2026-04-08T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08157
published_at	2026-04-09T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08149
published_at	2026-04-11T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.0813
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11739
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11696
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11524
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3758

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3758
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3758

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070369
reference_id	1070369
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070369

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2223762

reference_id

2223762

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2223762

reference_url

https://github.com/SSSD/sssd/pull/7302

reference_id

7302

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://github.com/SSSD/sssd/pull/7302

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id	cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id	cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
reference_id	cpe:/a:redhat:rhel_eus:8.8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
reference_id	cpe:/a:redhat:rhel_eus:9.0::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb
reference_id	cpe:/a:redhat:rhel_eus:9.2::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_id	cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8

reference_url

https://access.redhat.com/security/cve/CVE-2023-3758

reference_id

CVE-2023-3758

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/security/cve/CVE-2023-3758

reference_url

https://access.redhat.com/errata/RHSA-2024:1919

reference_id

RHSA-2024:1919

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1919

reference_url

https://access.redhat.com/errata/RHSA-2024:1920

reference_id

RHSA-2024:1920

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1920

reference_url

https://access.redhat.com/errata/RHSA-2024:1921

reference_id

RHSA-2024:1921

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1921

reference_url

https://access.redhat.com/errata/RHSA-2024:1922

reference_id

RHSA-2024:1922

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1922

reference_url

https://access.redhat.com/errata/RHSA-2024:2571

reference_id

RHSA-2024:2571

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:2571

reference_url

https://access.redhat.com/errata/RHSA-2024:3270

reference_id

RHSA-2024:3270

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:3270

reference_url	https://usn.ubuntu.com/6836-1/
reference_id	USN-6836-1
reference_type
scores
url	https://usn.ubuntu.com/6836-1/

fixed_packages

url pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1

purl pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.8.2-4%252Bdeb12u1

aliases CVE-2023-3758

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4w3-vj56-4fcq

url VCID-t5gr-yesx-hqah

vulnerability_id VCID-t5gr-yesx-hqah

summary sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4254.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4254.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-4254

reference_id

reference_type

scores

value	0.00078
scoring_system	epss
scoring_elements	0.22947
published_at	2026-05-07T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23301
published_at	2026-04-02T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.2324
published_at	2026-04-12T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23182
published_at	2026-04-13T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23199
published_at	2026-04-16T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23191
published_at	2026-04-18T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23152
published_at	2026-04-21T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.2298
published_at	2026-04-24T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.22973
published_at	2026-04-26T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.22969
published_at	2026-04-29T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.22863
published_at	2026-05-05T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23343
published_at	2026-04-04T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23132
published_at	2026-04-07T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23205
published_at	2026-04-08T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23255
published_at	2026-04-09T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23278
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-4254

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4254

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2149894

reference_id

2149894

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2149894

reference_url

https://github.com/SSSD/sssd/issues/5135

reference_id

5135

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/

url

https://github.com/SSSD/sssd/issues/5135

reference_url

https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274

reference_id

a2b9a84460429181f2a4fa7e2bb5ab49fd561274

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/

url

https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274

reference_url

https://access.redhat.com/security/cve/CVE-2022-4254

reference_id

CVE-2022-4254

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/

url

https://access.redhat.com/security/cve/CVE-2022-4254

reference_url	https://access.redhat.com/errata/RHSA-2023:0397
reference_id	RHSA-2023:0397
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0397

reference_url	https://access.redhat.com/errata/RHSA-2023:0403
reference_id	RHSA-2023:0403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0403

reference_url	https://access.redhat.com/errata/RHSA-2023:0442
reference_id	RHSA-2023:0442
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0442

reference_url	https://usn.ubuntu.com/6156-1/
reference_id	USN-6156-1
reference_type
scores
url	https://usn.ubuntu.com/6156-1/

fixed_packages

url pkg:deb/debian/sssd@2.4.1-2

purl pkg:deb/debian/sssd@2.4.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2

aliases CVE-2022-4254

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t5gr-yesx-hqah

url VCID-yn22-35eg-1khb

vulnerability_id VCID-yn22-35eg-1khb

summary sssd: improper implementation of GPOs due to too restrictive permissions

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16838.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16838.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16838

reference_id

reference_type

scores

value	0.00919
scoring_system	epss
scoring_elements	0.75895
published_at	2026-04-01T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.76073
published_at	2026-05-07T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.76024
published_at	2026-04-26T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.76035
published_at	2026-04-29T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.76045
published_at	2026-05-05T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75899
published_at	2026-04-02T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75931
published_at	2026-04-04T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.7591
published_at	2026-04-07T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75943
published_at	2026-04-08T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75957
published_at	2026-04-09T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75981
published_at	2026-04-11T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75959
published_at	2026-04-12T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75951
published_at	2026-04-13T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75989
published_at	2026-04-16T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75992
published_at	2026-04-18T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.75976
published_at	2026-04-21T12:55:00Z

value	0.00919
scoring_system	epss
scoring_elements	0.76014
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16838

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16838
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16838

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1640820
reference_id	1640820
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1640820

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931432
reference_id	931432
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931432

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:-:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-16838

reference_id

CVE-2018-16838

reference_type

scores

value	5.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:N

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-16838

reference_url	https://access.redhat.com/errata/RHSA-2019:2177
reference_id	RHSA-2019:2177
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2177

reference_url	https://access.redhat.com/errata/RHSA-2019:2437
reference_id	RHSA-2019:2437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2437

reference_url	https://access.redhat.com/errata/RHSA-2019:3651
reference_id	RHSA-2019:3651
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3651

reference_url	https://usn.ubuntu.com/5067-1/
reference_id	USN-5067-1
reference_type
scores
url	https://usn.ubuntu.com/5067-1/

fixed_packages

url pkg:deb/debian/sssd@2.4.1-2

purl pkg:deb/debian/sssd@2.4.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2

aliases CVE-2018-16838

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yn22-35eg-1khb

url VCID-zee4-1xpd-27bc

vulnerability_id VCID-zee4-1xpd-27bc

summary sssd: Information leak in infopipe due to an improper uid restriction

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16883.json

reference_id

reference_type

scores

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16883.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16883

reference_id

reference_type

scores

value	0.00126
scoring_system	epss
scoring_elements	0.318
published_at	2026-04-01T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31929
published_at	2026-04-02T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31972
published_at	2026-04-04T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31791
published_at	2026-04-07T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31843
published_at	2026-04-08T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31872
published_at	2026-04-09T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31876
published_at	2026-04-11T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31838
published_at	2026-04-12T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31802
published_at	2026-04-13T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31834
published_at	2026-04-16T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31814
published_at	2026-04-18T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31785
published_at	2026-04-21T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31617
published_at	2026-04-24T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.3149
published_at	2026-04-26T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31406
published_at	2026-04-29T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31256
published_at	2026-05-05T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31324
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16883

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1659862
reference_id	1659862
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1659862

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916824
reference_id	916824
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916824

fixed_packages

url pkg:deb/debian/sssd@2.4.1-2

purl pkg:deb/debian/sssd@2.4.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2

aliases CVE-2018-16883

risk_score 1.1

exploitability 0.5

weighted_severity 2.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zee4-1xpd-27bc

url VCID-zz4w-9935-q3gc

vulnerability_id VCID-zz4w-9935-q3gc

summary sssd: memory leak in the sssd_pac_plugin

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169110.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169110.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169597.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169597.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169613.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169613.html

reference_url	http://permalink.gmane.org/gmane.linux.redhat.sssd.user/3422
reference_id
reference_type
scores
url	http://permalink.gmane.org/gmane.linux.redhat.sssd.user/3422

reference_url	http://rhn.redhat.com/errata/RHSA-2015-2019.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-2019.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-2355.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-2355.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5292.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5292.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5292

reference_id

reference_type

scores

value	0.02687
scoring_system	epss
scoring_elements	0.85943
published_at	2026-05-07T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85784
published_at	2026-04-01T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85796
published_at	2026-04-02T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85815
published_at	2026-04-04T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85819
published_at	2026-04-07T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85838
published_at	2026-04-08T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85848
published_at	2026-04-09T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85863
published_at	2026-04-11T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.8586
published_at	2026-04-12T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85856
published_at	2026-04-13T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85874
published_at	2026-04-16T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85879
published_at	2026-04-18T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85872
published_at	2026-04-21T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85893
published_at	2026-04-24T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85902
published_at	2026-04-26T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85903
published_at	2026-04-29T12:55:00Z

value	0.02687
scoring_system	epss
scoring_elements	0.85921
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5292

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5292
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5292

reference_url	https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch
reference_id
reference_type
scores
url	https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch

reference_url	https://fedorahosted.org/sssd/ticket/2803
reference_id
reference_type
scores
url	https://fedorahosted.org/sssd/ticket/2803

reference_url	https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1
reference_id
reference_type
scores
url	https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/77529
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/77529

reference_url	http://www.securitytracker.com/id/1034038
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034038

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1267580
reference_id	1267580
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1267580

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.10.0:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.10.1:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.10.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.10.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.0:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.1:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.2:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.3:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.4:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.5:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.6:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.7:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.11.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.11.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.0:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.1:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.2:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.12.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.3:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.12.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.4:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.12.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.5:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.12.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.12.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.13.0:::::::*
reference_id	cpe:2.3:a:fedoraproject:sssd:1.13.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.13.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5292

reference_id

CVE-2015-5292

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5292

reference_url	https://access.redhat.com/errata/RHSA-2015:2019
reference_id	RHSA-2015:2019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2019

reference_url	https://access.redhat.com/errata/RHSA-2015:2355
reference_id	RHSA-2015:2355
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2355

fixed_packages

url pkg:deb/debian/sssd@1.15.0-3%2Bdeb9u1

purl pkg:deb/debian/sssd@1.15.0-3%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-bveu-ff3p-gfh7

vulnerability	VCID-jhrd-1f8g-6ueh

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.15.0-3%252Bdeb9u1

aliases CVE-2015-5292

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zz4w-9935-q3gc

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.11.7.3-3~bpo70%252B1

Package Instance