Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/sssd@2.4.1-2
Typedeb
Namespacedebian
Namesssd
Version2.4.1-2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.12.0-4
Latest_non_vulnerable_version2.12.0-4
Affected_by_vulnerabilities
0
url VCID-r1m1-kp4g-pbc7
vulnerability_id VCID-r1m1-kp4g-pbc7
summary A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3621.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3621.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3621
reference_id
reference_type
scores
0
value 0.00384
scoring_system epss
scoring_elements 0.59531
published_at 2026-04-01T12:55:00Z
1
value 0.00384
scoring_system epss
scoring_elements 0.59791
published_at 2026-05-16T12:55:00Z
2
value 0.00384
scoring_system epss
scoring_elements 0.59768
published_at 2026-05-14T12:55:00Z
3
value 0.00384
scoring_system epss
scoring_elements 0.59777
published_at 2026-05-15T12:55:00Z
4
value 0.00384
scoring_system epss
scoring_elements 0.59605
published_at 2026-04-02T12:55:00Z
5
value 0.00384
scoring_system epss
scoring_elements 0.5963
published_at 2026-04-04T12:55:00Z
6
value 0.00384
scoring_system epss
scoring_elements 0.59599
published_at 2026-04-07T12:55:00Z
7
value 0.00384
scoring_system epss
scoring_elements 0.5965
published_at 2026-04-08T12:55:00Z
8
value 0.00384
scoring_system epss
scoring_elements 0.59663
published_at 2026-04-09T12:55:00Z
9
value 0.00384
scoring_system epss
scoring_elements 0.59683
published_at 2026-04-11T12:55:00Z
10
value 0.00384
scoring_system epss
scoring_elements 0.59665
published_at 2026-04-12T12:55:00Z
11
value 0.00384
scoring_system epss
scoring_elements 0.59646
published_at 2026-04-13T12:55:00Z
12
value 0.00384
scoring_system epss
scoring_elements 0.59679
published_at 2026-04-16T12:55:00Z
13
value 0.00384
scoring_system epss
scoring_elements 0.59687
published_at 2026-04-18T12:55:00Z
14
value 0.00384
scoring_system epss
scoring_elements 0.59671
published_at 2026-05-11T12:55:00Z
15
value 0.00384
scoring_system epss
scoring_elements 0.59641
published_at 2026-04-24T12:55:00Z
16
value 0.00384
scoring_system epss
scoring_elements 0.59661
published_at 2026-04-26T12:55:00Z
17
value 0.00384
scoring_system epss
scoring_elements 0.59647
published_at 2026-04-29T12:55:00Z
18
value 0.00384
scoring_system epss
scoring_elements 0.59606
published_at 2026-05-05T12:55:00Z
19
value 0.00384
scoring_system epss
scoring_elements 0.59654
published_at 2026-05-07T12:55:00Z
20
value 0.00384
scoring_system epss
scoring_elements 0.59713
published_at 2026-05-09T12:55:00Z
21
value 0.00384
scoring_system epss
scoring_elements 0.59699
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3621
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3621
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1975142
reference_id 1975142
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1975142
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992710
reference_id 992710
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992710
6
reference_url https://security.archlinux.org/AVG-2314
reference_id AVG-2314
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2314
7
reference_url https://security.gentoo.org/glsa/202407-05
reference_id GLSA-202407-05
reference_type
scores
url https://security.gentoo.org/glsa/202407-05
8
reference_url https://access.redhat.com/errata/RHSA-2021:3151
reference_id RHSA-2021:3151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3151
9
reference_url https://access.redhat.com/errata/RHSA-2021:3178
reference_id RHSA-2021:3178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3178
10
reference_url https://access.redhat.com/errata/RHSA-2021:3235
reference_id RHSA-2021:3235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3235
11
reference_url https://access.redhat.com/errata/RHSA-2021:3336
reference_id RHSA-2021:3336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3336
12
reference_url https://access.redhat.com/errata/RHSA-2021:3365
reference_id RHSA-2021:3365
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3365
13
reference_url https://access.redhat.com/errata/RHSA-2021:3477
reference_id RHSA-2021:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3477
14
reference_url https://usn.ubuntu.com/5067-1/
reference_id USN-5067-1
reference_type
scores
url https://usn.ubuntu.com/5067-1/
fixed_packages
0
url pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1
purl pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ztj4-pvvh-wuay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.8.2-4%252Bdeb12u1
aliases CVE-2021-3621
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1m1-kp4g-pbc7
1
url VCID-t4w3-vj56-4fcq
vulnerability_id VCID-t4w3-vj56-4fcq
summary sssd: Race condition during authorization leads to GPO policies functioning inconsistently
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3758.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3758.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3758
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08297
published_at 2026-05-16T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08053
published_at 2026-04-29T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08023
published_at 2026-05-05T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08154
published_at 2026-05-07T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.0822
published_at 2026-05-09T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08203
published_at 2026-05-11T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.0823
published_at 2026-05-12T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08285
published_at 2026-05-14T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08286
published_at 2026-05-15T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08135
published_at 2026-04-08T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.08157
published_at 2026-04-09T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.08149
published_at 2026-04-11T12:55:00Z
12
value 0.00029
scoring_system epss
scoring_elements 0.0813
published_at 2026-04-12T12:55:00Z
13
value 0.00029
scoring_system epss
scoring_elements 0.08113
published_at 2026-04-13T12:55:00Z
14
value 0.00029
scoring_system epss
scoring_elements 0.0802
published_at 2026-04-16T12:55:00Z
15
value 0.00029
scoring_system epss
scoring_elements 0.08004
published_at 2026-04-18T12:55:00Z
16
value 0.00029
scoring_system epss
scoring_elements 0.08161
published_at 2026-04-21T12:55:00Z
17
value 0.00029
scoring_system epss
scoring_elements 0.08118
published_at 2026-04-24T12:55:00Z
18
value 0.00029
scoring_system epss
scoring_elements 0.08081
published_at 2026-04-26T12:55:00Z
19
value 0.00039
scoring_system epss
scoring_elements 0.11739
published_at 2026-04-04T12:55:00Z
20
value 0.00039
scoring_system epss
scoring_elements 0.11696
published_at 2026-04-02T12:55:00Z
21
value 0.00039
scoring_system epss
scoring_elements 0.11524
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3758
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3758
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070369
reference_id 1070369
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070369
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2223762
reference_id 2223762
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2223762
6
reference_url https://github.com/SSSD/sssd/pull/7302
reference_id 7302
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://github.com/SSSD/sssd/pull/7302
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
reference_id cpe:/a:redhat:rhel_eus:8.8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
reference_id cpe:/a:redhat:rhel_eus:9.0::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb
reference_id cpe:/a:redhat:rhel_eus:9.2::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos
reference_id cpe:/o:redhat:rhel_eus:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_id cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
26
reference_url https://access.redhat.com/security/cve/CVE-2023-3758
reference_id CVE-2023-3758
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://access.redhat.com/security/cve/CVE-2023-3758
27
reference_url https://access.redhat.com/errata/RHSA-2024:1919
reference_id RHSA-2024:1919
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://access.redhat.com/errata/RHSA-2024:1919
28
reference_url https://access.redhat.com/errata/RHSA-2024:1920
reference_id RHSA-2024:1920
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://access.redhat.com/errata/RHSA-2024:1920
29
reference_url https://access.redhat.com/errata/RHSA-2024:1921
reference_id RHSA-2024:1921
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://access.redhat.com/errata/RHSA-2024:1921
30
reference_url https://access.redhat.com/errata/RHSA-2024:1922
reference_id RHSA-2024:1922
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://access.redhat.com/errata/RHSA-2024:1922
31
reference_url https://access.redhat.com/errata/RHSA-2024:2571
reference_id RHSA-2024:2571
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://access.redhat.com/errata/RHSA-2024:2571
32
reference_url https://access.redhat.com/errata/RHSA-2024:3270
reference_id RHSA-2024:3270
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/
url https://access.redhat.com/errata/RHSA-2024:3270
33
reference_url https://usn.ubuntu.com/6836-1/
reference_id USN-6836-1
reference_type
scores
url https://usn.ubuntu.com/6836-1/
fixed_packages
0
url pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1
purl pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ztj4-pvvh-wuay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.8.2-4%252Bdeb12u1
aliases CVE-2023-3758
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4w3-vj56-4fcq
2
url VCID-ztj4-pvvh-wuay
vulnerability_id VCID-ztj4-pvvh-wuay
summary sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11561.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11561.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11561
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.1435
published_at 2026-05-16T12:55:00Z
1
value 0.00046
scoring_system epss
scoring_elements 0.14349
published_at 2026-05-15T12:55:00Z
2
value 0.00054
scoring_system epss
scoring_elements 0.1677
published_at 2026-04-24T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.17103
published_at 2026-04-04T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.16885
published_at 2026-04-07T12:55:00Z
5
value 0.00054
scoring_system epss
scoring_elements 0.16973
published_at 2026-04-08T12:55:00Z
6
value 0.00054
scoring_system epss
scoring_elements 0.17031
published_at 2026-04-09T12:55:00Z
7
value 0.00054
scoring_system epss
scoring_elements 0.17006
published_at 2026-04-11T12:55:00Z
8
value 0.00054
scoring_system epss
scoring_elements 0.16959
published_at 2026-04-12T12:55:00Z
9
value 0.00054
scoring_system epss
scoring_elements 0.169
published_at 2026-04-13T12:55:00Z
10
value 0.00054
scoring_system epss
scoring_elements 0.16837
published_at 2026-04-16T12:55:00Z
11
value 0.00054
scoring_system epss
scoring_elements 0.16839
published_at 2026-04-18T12:55:00Z
12
value 0.00054
scoring_system epss
scoring_elements 0.16867
published_at 2026-04-21T12:55:00Z
13
value 0.00054
scoring_system epss
scoring_elements 0.17049
published_at 2026-04-02T12:55:00Z
14
value 0.00054
scoring_system epss
scoring_elements 0.16755
published_at 2026-04-26T12:55:00Z
15
value 0.00054
scoring_system epss
scoring_elements 0.1672
published_at 2026-04-29T12:55:00Z
16
value 0.00063
scoring_system epss
scoring_elements 0.1941
published_at 2026-05-09T12:55:00Z
17
value 0.00063
scoring_system epss
scoring_elements 0.1937
published_at 2026-05-11T12:55:00Z
18
value 0.00063
scoring_system epss
scoring_elements 0.19406
published_at 2026-05-12T12:55:00Z
19
value 0.00063
scoring_system epss
scoring_elements 0.19502
published_at 2026-05-14T12:55:00Z
20
value 0.00063
scoring_system epss
scoring_elements 0.19238
published_at 2026-05-05T12:55:00Z
21
value 0.00063
scoring_system epss
scoring_elements 0.19319
published_at 2026-05-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11561
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11561
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117935
reference_id 1117935
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117935
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2402727
reference_id 2402727
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2402727
6
reference_url https://github.com/SSSD/sssd/issues/8021
reference_id 8021
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://github.com/SSSD/sssd/issues/8021
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9
reference_id cpe:/a:redhat:ceph_storage:7::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9
reference_id cpe:/a:redhat:ceph_storage:8::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
reference_id cpe:/a:redhat:openshift:4.19::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9
reference_id cpe:/a:redhat:openshift:4.20::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_id cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb
reference_id cpe:/a:redhat:rhel_eus:9.4::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
reference_id cpe:/a:redhat:rhel_eus:9.6::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::crb
reference_id cpe:/a:redhat:rhel_eus:9.6::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::crb
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream
reference_id cpe:/a:redhat:rhel_tus:8.8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id cpe:/o:redhat:rhel_els:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
reference_id cpe:/o:redhat:rhel_eus:9.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
47
reference_url https://access.redhat.com/security/cve/CVE-2025-11561
reference_id CVE-2025-11561
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/security/cve/CVE-2025-11561
48
reference_url https://blog.async.sg/kerberos-ldr
reference_id kerberos-ldr
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://blog.async.sg/kerberos-ldr
49
reference_url https://access.redhat.com/errata/RHSA-2025:19610
reference_id RHSA-2025:19610
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19610
50
reference_url https://access.redhat.com/errata/RHSA-2025:19847
reference_id RHSA-2025:19847
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19847
51
reference_url https://access.redhat.com/errata/RHSA-2025:19848
reference_id RHSA-2025:19848
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19848
52
reference_url https://access.redhat.com/errata/RHSA-2025:19849
reference_id RHSA-2025:19849
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19849
53
reference_url https://access.redhat.com/errata/RHSA-2025:19850
reference_id RHSA-2025:19850
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19850
54
reference_url https://access.redhat.com/errata/RHSA-2025:19851
reference_id RHSA-2025:19851
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19851
55
reference_url https://access.redhat.com/errata/RHSA-2025:19852
reference_id RHSA-2025:19852
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19852
56
reference_url https://access.redhat.com/errata/RHSA-2025:19853
reference_id RHSA-2025:19853
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19853
57
reference_url https://access.redhat.com/errata/RHSA-2025:19854
reference_id RHSA-2025:19854
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19854
58
reference_url https://access.redhat.com/errata/RHSA-2025:19859
reference_id RHSA-2025:19859
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:19859
59
reference_url https://access.redhat.com/errata/RHSA-2025:20954
reference_id RHSA-2025:20954
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:20954
60
reference_url https://access.redhat.com/errata/RHSA-2025:21020
reference_id RHSA-2025:21020
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:21020
61
reference_url https://access.redhat.com/errata/RHSA-2025:21067
reference_id RHSA-2025:21067
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:21067
62
reference_url https://access.redhat.com/errata/RHSA-2025:21329
reference_id RHSA-2025:21329
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:21329
63
reference_url https://access.redhat.com/errata/RHSA-2025:21795
reference_id RHSA-2025:21795
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:21795
64
reference_url https://access.redhat.com/errata/RHSA-2025:22256
reference_id RHSA-2025:22256
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:22256
65
reference_url https://access.redhat.com/errata/RHSA-2025:22277
reference_id RHSA-2025:22277
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:22277
66
reference_url https://access.redhat.com/errata/RHSA-2025:22529
reference_id RHSA-2025:22529
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:22529
67
reference_url https://access.redhat.com/errata/RHSA-2025:22548
reference_id RHSA-2025:22548
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2025:22548
68
reference_url https://access.redhat.com/errata/RHSA-2026:0677
reference_id RHSA-2026:0677
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-10T03:55:25Z/
url https://access.redhat.com/errata/RHSA-2026:0677
fixed_packages
0
url pkg:deb/debian/sssd@2.12.0-4
purl pkg:deb/debian/sssd@2.12.0-4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.12.0-4
aliases CVE-2025-11561
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztj4-pvvh-wuay
Fixing_vulnerabilities
0
url VCID-5hxw-dnz2-v7by
vulnerability_id VCID-5hxw-dnz2-v7by
summary sssd: fallback_homedir returns '/' for empty home directories in passwd file
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3811.json
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3811.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3811
reference_id
reference_type
scores
0
value 0.00117
scoring_system epss
scoring_elements 0.30475
published_at 2026-04-01T12:55:00Z
1
value 0.00117
scoring_system epss
scoring_elements 0.30044
published_at 2026-05-16T12:55:00Z
2
value 0.00117
scoring_system epss
scoring_elements 0.29938
published_at 2026-05-11T12:55:00Z
3
value 0.00117
scoring_system epss
scoring_elements 0.29959
published_at 2026-05-12T12:55:00Z
4
value 0.00117
scoring_system epss
scoring_elements 0.30033
published_at 2026-05-14T12:55:00Z
5
value 0.00117
scoring_system epss
scoring_elements 0.30045
published_at 2026-05-15T12:55:00Z
6
value 0.00117
scoring_system epss
scoring_elements 0.30503
published_at 2026-04-02T12:55:00Z
7
value 0.00117
scoring_system epss
scoring_elements 0.30549
published_at 2026-04-04T12:55:00Z
8
value 0.00117
scoring_system epss
scoring_elements 0.30359
published_at 2026-04-07T12:55:00Z
9
value 0.00117
scoring_system epss
scoring_elements 0.30419
published_at 2026-04-08T12:55:00Z
10
value 0.00117
scoring_system epss
scoring_elements 0.30454
published_at 2026-04-09T12:55:00Z
11
value 0.00117
scoring_system epss
scoring_elements 0.30457
published_at 2026-04-11T12:55:00Z
12
value 0.00117
scoring_system epss
scoring_elements 0.30412
published_at 2026-04-12T12:55:00Z
13
value 0.00117
scoring_system epss
scoring_elements 0.30363
published_at 2026-04-13T12:55:00Z
14
value 0.00117
scoring_system epss
scoring_elements 0.30381
published_at 2026-04-16T12:55:00Z
15
value 0.00117
scoring_system epss
scoring_elements 0.30362
published_at 2026-04-18T12:55:00Z
16
value 0.00117
scoring_system epss
scoring_elements 0.30318
published_at 2026-04-21T12:55:00Z
17
value 0.00117
scoring_system epss
scoring_elements 0.30257
published_at 2026-04-24T12:55:00Z
18
value 0.00117
scoring_system epss
scoring_elements 0.30142
published_at 2026-04-26T12:55:00Z
19
value 0.00117
scoring_system epss
scoring_elements 0.30065
published_at 2026-04-29T12:55:00Z
20
value 0.00117
scoring_system epss
scoring_elements 0.29927
published_at 2026-05-05T12:55:00Z
21
value 0.00117
scoring_system epss
scoring_elements 0.29999
published_at 2026-05-07T12:55:00Z
22
value 0.00117
scoring_system epss
scoring_elements 0.30008
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3811
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3811
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3811
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html
8
reference_url https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html
9
reference_url http://www.securityfocus.com/bid/106644
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106644
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1656618
reference_id 1656618
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1656618
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919051
reference_id 919051
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919051
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3811
reference_id CVE-2019-3811
reference_type
scores
0
value 2.7
scoring_system cvssv2
scoring_elements AV:A/AC:L/Au:S/C:N/I:N/A:P
1
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value 5.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-3811
19
reference_url https://access.redhat.com/errata/RHSA-2019:2177
reference_id RHSA-2019:2177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2177
20
reference_url https://usn.ubuntu.com/5067-1/
reference_id USN-5067-1
reference_type
scores
url https://usn.ubuntu.com/5067-1/
fixed_packages
0
url pkg:deb/debian/sssd@2.4.1-2
purl pkg:deb/debian/sssd@2.4.1-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r1m1-kp4g-pbc7
1
vulnerability VCID-t4w3-vj56-4fcq
2
vulnerability VCID-ztj4-pvvh-wuay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2
aliases CVE-2019-3811
risk_score 2.4
exploitability 0.5
weighted_severity 4.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hxw-dnz2-v7by
1
url VCID-t5gr-yesx-hqah
vulnerability_id VCID-t5gr-yesx-hqah
summary sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4254.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4254.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4254
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23103
published_at 2026-05-16T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23301
published_at 2026-04-02T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.22973
published_at 2026-04-26T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.22969
published_at 2026-04-29T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.22863
published_at 2026-05-05T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.22947
published_at 2026-05-07T12:55:00Z
6
value 0.00078
scoring_system epss
scoring_elements 0.23023
published_at 2026-05-09T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.22988
published_at 2026-05-11T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.23006
published_at 2026-05-12T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23084
published_at 2026-05-14T12:55:00Z
10
value 0.00078
scoring_system epss
scoring_elements 0.23105
published_at 2026-05-15T12:55:00Z
11
value 0.00078
scoring_system epss
scoring_elements 0.23343
published_at 2026-04-04T12:55:00Z
12
value 0.00078
scoring_system epss
scoring_elements 0.23132
published_at 2026-04-07T12:55:00Z
13
value 0.00078
scoring_system epss
scoring_elements 0.23205
published_at 2026-04-08T12:55:00Z
14
value 0.00078
scoring_system epss
scoring_elements 0.23255
published_at 2026-04-09T12:55:00Z
15
value 0.00078
scoring_system epss
scoring_elements 0.23278
published_at 2026-04-11T12:55:00Z
16
value 0.00078
scoring_system epss
scoring_elements 0.2324
published_at 2026-04-12T12:55:00Z
17
value 0.00078
scoring_system epss
scoring_elements 0.23182
published_at 2026-04-13T12:55:00Z
18
value 0.00078
scoring_system epss
scoring_elements 0.23199
published_at 2026-04-16T12:55:00Z
19
value 0.00078
scoring_system epss
scoring_elements 0.23191
published_at 2026-04-18T12:55:00Z
20
value 0.00078
scoring_system epss
scoring_elements 0.23152
published_at 2026-04-21T12:55:00Z
21
value 0.00078
scoring_system epss
scoring_elements 0.2298
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4254
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4254
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4254
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2149894
reference_id 2149894
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2149894
5
reference_url https://github.com/SSSD/sssd/issues/5135
reference_id 5135
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/
url https://github.com/SSSD/sssd/issues/5135
6
reference_url https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274
reference_id a2b9a84460429181f2a4fa7e2bb5ab49fd561274
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/
url https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274
7
reference_url https://access.redhat.com/security/cve/CVE-2022-4254
reference_id CVE-2022-4254
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:42:02Z/
url https://access.redhat.com/security/cve/CVE-2022-4254
8
reference_url https://access.redhat.com/errata/RHSA-2023:0397
reference_id RHSA-2023:0397
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0397
9
reference_url https://access.redhat.com/errata/RHSA-2023:0403
reference_id RHSA-2023:0403
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0403
10
reference_url https://access.redhat.com/errata/RHSA-2023:0442
reference_id RHSA-2023:0442
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0442
11
reference_url https://usn.ubuntu.com/6156-1/
reference_id USN-6156-1
reference_type
scores
url https://usn.ubuntu.com/6156-1/
fixed_packages
0
url pkg:deb/debian/sssd@2.4.1-2
purl pkg:deb/debian/sssd@2.4.1-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r1m1-kp4g-pbc7
1
vulnerability VCID-t4w3-vj56-4fcq
2
vulnerability VCID-ztj4-pvvh-wuay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2
aliases CVE-2022-4254
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t5gr-yesx-hqah
2
url VCID-yn22-35eg-1khb
vulnerability_id VCID-yn22-35eg-1khb
summary sssd: improper implementation of GPOs due to too restrictive permissions
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16838.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16838.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16838
reference_id
reference_type
scores
0
value 0.00919
scoring_system epss
scoring_elements 0.75895
published_at 2026-04-01T12:55:00Z
1
value 0.00919
scoring_system epss
scoring_elements 0.7617
published_at 2026-05-16T12:55:00Z
2
value 0.00919
scoring_system epss
scoring_elements 0.76098
published_at 2026-05-12T12:55:00Z
3
value 0.00919
scoring_system epss
scoring_elements 0.76147
published_at 2026-05-14T12:55:00Z
4
value 0.00919
scoring_system epss
scoring_elements 0.76161
published_at 2026-05-15T12:55:00Z
5
value 0.00919
scoring_system epss
scoring_elements 0.75899
published_at 2026-04-02T12:55:00Z
6
value 0.00919
scoring_system epss
scoring_elements 0.75931
published_at 2026-04-04T12:55:00Z
7
value 0.00919
scoring_system epss
scoring_elements 0.7591
published_at 2026-04-07T12:55:00Z
8
value 0.00919
scoring_system epss
scoring_elements 0.75943
published_at 2026-04-08T12:55:00Z
9
value 0.00919
scoring_system epss
scoring_elements 0.75957
published_at 2026-04-09T12:55:00Z
10
value 0.00919
scoring_system epss
scoring_elements 0.75981
published_at 2026-04-11T12:55:00Z
11
value 0.00919
scoring_system epss
scoring_elements 0.75959
published_at 2026-04-12T12:55:00Z
12
value 0.00919
scoring_system epss
scoring_elements 0.75951
published_at 2026-04-13T12:55:00Z
13
value 0.00919
scoring_system epss
scoring_elements 0.75989
published_at 2026-04-16T12:55:00Z
14
value 0.00919
scoring_system epss
scoring_elements 0.75992
published_at 2026-04-18T12:55:00Z
15
value 0.00919
scoring_system epss
scoring_elements 0.75976
published_at 2026-04-21T12:55:00Z
16
value 0.00919
scoring_system epss
scoring_elements 0.76014
published_at 2026-04-24T12:55:00Z
17
value 0.00919
scoring_system epss
scoring_elements 0.76024
published_at 2026-04-26T12:55:00Z
18
value 0.00919
scoring_system epss
scoring_elements 0.76035
published_at 2026-04-29T12:55:00Z
19
value 0.00919
scoring_system epss
scoring_elements 0.76045
published_at 2026-05-05T12:55:00Z
20
value 0.00919
scoring_system epss
scoring_elements 0.76073
published_at 2026-05-07T12:55:00Z
21
value 0.00919
scoring_system epss
scoring_elements 0.76096
published_at 2026-05-09T12:55:00Z
22
value 0.00919
scoring_system epss
scoring_elements 0.76083
published_at 2026-05-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16838
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16838
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1640820
reference_id 1640820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1640820
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931432
reference_id 931432
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931432
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:fedoraproject:sssd:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:-:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16838
reference_id CVE-2018-16838
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-16838
13
reference_url https://access.redhat.com/errata/RHSA-2019:2177
reference_id RHSA-2019:2177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2177
14
reference_url https://access.redhat.com/errata/RHSA-2019:2437
reference_id RHSA-2019:2437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2437
15
reference_url https://access.redhat.com/errata/RHSA-2019:3651
reference_id RHSA-2019:3651
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3651
16
reference_url https://usn.ubuntu.com/5067-1/
reference_id USN-5067-1
reference_type
scores
url https://usn.ubuntu.com/5067-1/
fixed_packages
0
url pkg:deb/debian/sssd@2.4.1-2
purl pkg:deb/debian/sssd@2.4.1-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r1m1-kp4g-pbc7
1
vulnerability VCID-t4w3-vj56-4fcq
2
vulnerability VCID-ztj4-pvvh-wuay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2
aliases CVE-2018-16838
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yn22-35eg-1khb
3
url VCID-zee4-1xpd-27bc
vulnerability_id VCID-zee4-1xpd-27bc
summary sssd: Information leak in infopipe due to an improper uid restriction
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16883.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16883
reference_id
reference_type
scores
0
value 0.00126
scoring_system epss
scoring_elements 0.318
published_at 2026-04-01T12:55:00Z
1
value 0.00126
scoring_system epss
scoring_elements 0.31929
published_at 2026-04-02T12:55:00Z
2
value 0.00126
scoring_system epss
scoring_elements 0.31972
published_at 2026-04-04T12:55:00Z
3
value 0.00126
scoring_system epss
scoring_elements 0.31791
published_at 2026-04-07T12:55:00Z
4
value 0.00126
scoring_system epss
scoring_elements 0.31843
published_at 2026-04-08T12:55:00Z
5
value 0.00126
scoring_system epss
scoring_elements 0.31872
published_at 2026-04-09T12:55:00Z
6
value 0.00126
scoring_system epss
scoring_elements 0.31876
published_at 2026-04-11T12:55:00Z
7
value 0.00126
scoring_system epss
scoring_elements 0.31838
published_at 2026-04-12T12:55:00Z
8
value 0.00126
scoring_system epss
scoring_elements 0.31802
published_at 2026-04-13T12:55:00Z
9
value 0.00126
scoring_system epss
scoring_elements 0.31834
published_at 2026-04-16T12:55:00Z
10
value 0.00126
scoring_system epss
scoring_elements 0.31814
published_at 2026-04-18T12:55:00Z
11
value 0.00126
scoring_system epss
scoring_elements 0.31785
published_at 2026-04-21T12:55:00Z
12
value 0.00126
scoring_system epss
scoring_elements 0.31617
published_at 2026-04-24T12:55:00Z
13
value 0.00126
scoring_system epss
scoring_elements 0.3149
published_at 2026-04-26T12:55:00Z
14
value 0.00126
scoring_system epss
scoring_elements 0.31406
published_at 2026-04-29T12:55:00Z
15
value 0.00126
scoring_system epss
scoring_elements 0.31256
published_at 2026-05-05T12:55:00Z
16
value 0.00126
scoring_system epss
scoring_elements 0.31324
published_at 2026-05-07T12:55:00Z
17
value 0.00126
scoring_system epss
scoring_elements 0.31331
published_at 2026-05-09T12:55:00Z
18
value 0.00126
scoring_system epss
scoring_elements 0.31239
published_at 2026-05-11T12:55:00Z
19
value 0.00126
scoring_system epss
scoring_elements 0.31262
published_at 2026-05-12T12:55:00Z
20
value 0.00126
scoring_system epss
scoring_elements 0.31334
published_at 2026-05-14T12:55:00Z
21
value 0.00126
scoring_system epss
scoring_elements 0.3135
published_at 2026-05-15T12:55:00Z
22
value 0.00126
scoring_system epss
scoring_elements 0.31351
published_at 2026-05-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16883
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1659862
reference_id 1659862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1659862
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916824
reference_id 916824
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916824
fixed_packages
0
url pkg:deb/debian/sssd@2.4.1-2
purl pkg:deb/debian/sssd@2.4.1-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r1m1-kp4g-pbc7
1
vulnerability VCID-t4w3-vj56-4fcq
2
vulnerability VCID-ztj4-pvvh-wuay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2
aliases CVE-2018-16883
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zee4-1xpd-27bc
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2