{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","type":"deb","namespace":"debian","name":"freeipa","version":"4.9.11-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.11.1-1","latest_non_vulnerable_version":"4.13.1-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54133?format=json","vulnerability_id":"VCID-1h7x-x4we-5qab","summary":"A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1481.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1481.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1481","reference_id":"","reference_type":"","scores":[{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68744","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1481"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065106","reference_id":"1065106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/s
earch/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-1481","reference_id":"CVE-2024-1481","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-11T15:43:06Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2147","reference_id":"RHSA-2024:2147","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-11T15:43:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3044","reference_id":"RHSA-2024:3044","reference_type":"","sc
ores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-11T15:43:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3044"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262169","reference_id":"show_bug.cgi?id=2262169","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-11T15:43:06Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262169"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42590?format=json","purl":"pkg:deb/debian/freeipa@4.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2024-1481"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1h7x-x4we-5qab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63167?format=json","vulnerability_id":"VCID-61z7-sf9m-aya4","summary":"A vulnerability was found in FreeIPA in how the initial 
implementation of MS-SFU by MIT Kerberos was missing a condition for granting the \"forwardable\" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request.\r\n\r\nIn FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulted in this mechanism being applied both when the target service argument is set AND when it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2698.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2698","reference_id":"","reference_type":"","scores":[{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68554","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2698"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077682","reference_id":"1077682","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077682"},{"reference_url":"https://www.freeipa.org/release-notes/4-12-1.html","reference_id":"4-12-1.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T13:21:27Z/"}],"url":"https://www.freeipa.org/release-
notes/4-12-1.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb","reference_id"
:"cpe:/a:redhat:rhel_eus:9.2::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-2698","reference_id":"CVE-2024-2698","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T13:21:27Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-2698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3754","reference_id":"RHSA-2024:3754","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T13:2
1:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3755","reference_id":"RHSA-2024:3755","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T13:21:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3757","reference_id":"RHSA-2024:3757","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T13:21:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3759","reference_id":"RHSA-2024:3759","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T13:21:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3759"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270353","reference_id":"show_bug.cgi?id=2270353","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T13:21:27Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270353"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42590?format=json","purl":"pkg:deb/debian/freeipa@4.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.
io/packages/pkg:deb/debian/freeipa@4.12.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2024-2698"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-61z7-sf9m-aya4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60180?format=json","vulnerability_id":"VCID-6wfx-3a4j-73an","summary":"A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. 
In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11029.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11029","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06465","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11029"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093383","reference_id":"1093383","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093383"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/re
sults?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-11029","reference_id":"CVE-2024-11029","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:29:15Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-11029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0334","reference_id":"RHSA-2025:0334","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:29:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:0334"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2325557","reference_id":"show_bug.cgi?id=2325557","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:29:15Z/"}],"url":"h
ttps://bugzilla.redhat.com/show_bug.cgi?id=2325557"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2024-11029"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6wfx-3a4j-73an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108044?format=json","vulnerability_id":"VCID-ftby-tqv2-sycz","summary":"A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. 
This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4404.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4404.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4404","reference_id":"","reference_type":"","scores":[{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.53047","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4404"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108050","reference_id":"1108050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108050"},{"reference_url":"https://pagure.io/freeipa/c/6b9400c135ed16b10057b350cc9ce42aa0e862d4","reference_id":"6b9400c135ed16b10057b350cc9ce42aa0e862d4","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://pagure.io/freeipa/c/6b9400c135ed16b10057b350cc9ce42aa0e862d4"},{"reference_url":"https://pagure.io/freeipa/c/796ed20092d554ee0c9e23295e346ec1e8a0bf6e","reference_id":"796ed20092d554ee0c9e23295e346ec1e8a0bf6e","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://pagure.io/freeipa/c/796ed20092d554ee0c9e23295e346ec1e8a0bf6e"},{"reference_url":"https://nvd.nist.gov/vuln
/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type"
:"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results
?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:re
dhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-4404","reference_id":"CVE-2025-4404","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-4404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9184","reference_id":"RHSA-2025:9184","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9185","reference_id":"RHSA-2025:9185","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9186","reference_id":"RHSA-2025:9186","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9187","reference_id":"RHSA-2025:9187","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv
2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9188","reference_id":"RHSA-2025:9188","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9189","reference_id":"RHSA-2025:9189","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9190","reference_id":"RHSA-2025:9190","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9191","reference_id":"RHSA-2025:9191","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9192","reference_id":"RHSA-2025:9192","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N
/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9193","reference_id":"RHSA-2025:9193","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9194","reference_id":"RHSA-2025:9194","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364606","reference_id":"show_bug.cgi?id=2364606","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:00:07Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364606"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablec
ode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2025-4404"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ftby-tqv2-sycz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133691?format=json","vulnerability_id":"VCID-mnch-cchq-yycc","summary":"A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details, one cannot use this flaw for reflection of a cookie representing an already logged-in user. An attacker would always have to go through a new authentication attempt.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5455.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5455.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5455","reference_id":"","reference_type":"","scores":[{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.54044","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5455"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060415","reference_id":"1060415","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060415"},{"reference_url":"https://www.freeipa.org/release-notes/4-10-3.html","reference_id":"4-10-3.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","s
coring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://www.freeipa.org/release-notes/4-10-3.html"},{"reference_url":"https://www.freeipa.org/release-notes/4-11-1.html","reference_id":"4-11-1.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://www.freeipa.org/release-notes/4-11-1.html"},{"reference_url":"https://www.freeipa.org/release-notes/4-6-10.html","reference_id":"4-6-10.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://www.freeipa.org/release-notes/4-6-10.html"},{"reference_url":"https://www.freeipa.org/release-notes/4-9-14.html","reference_id":"4-9-14.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://www.freeipa.org/release-notes/4-9-14.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterpri
se_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=tru
e&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.0::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb","reference_id":"cpe:/a:redhat:rhel_eus:9
.2::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"htt
ps://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-5455","reference_id":"CVE-2023-5455","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-5455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0137","reference_id":"RHSA-2024:0137","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0138","reference_id":"
RHSA-2024:0138","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0139","reference_id":"RHSA-2024:0139","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0140","reference_id":"RHSA-2024:0140","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0141","reference_id":"RHSA-2024:0141","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0142","reference_id":"RHSA-2024:0142","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0142"
},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0143","reference_id":"RHSA-2024:0143","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0144","reference_id":"RHSA-2024:0144","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0145","reference_id":"RHSA-2024:0145","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242828","reference_id":"show_bug.cgi?id=2242828","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:16:21Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242828"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42589?format=json","purl":"pkg:deb/debian/freeipa@4.11.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.11.1-1%3Fdistro=trixie"},{"u
rl":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5455"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnch-cchq-yycc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64067?format=json","vulnerability_id":"VCID-mu5e-bwa1-e7h4","summary":"A vulnerability was found in FreeIPA in the way a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password.\r\n\r\nIf a principal is compromised, the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined with a principal salt (i.e. 
find the principal’s password).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3183.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3183","reference_id":"","reference_type":"","scores":[{"value":"0.21232","scoring_system":"epss","scoring_elements":"0.95803","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3183"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077683","reference_id":"1077683","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077683"},{"reference_url":"https://www.freeipa.org/release-notes/4-12-1.html","reference_id":"4-12-1.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://www.freeipa.org/release-notes/4-12-1.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=c
pe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe
:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.0::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.2::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb"},{"reference_url":"https://nvd.nist.gov/vul
n/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","sco
res":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-3183","reference_id":"CVE-2024-3183","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-3183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3754","reference_id":"RHSA-2024:3754","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3755","reference_id":"RHSA-2024:3755","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3756","reference_id":"RHSA-2024:3756","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L
/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3757","reference_id":"RHSA-2024:3757","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3758","reference_id":"RHSA-2024:3758","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3758"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3759","reference_id":"RHSA-2024:3759","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3760","reference_id":"RHSA-2024:3760","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3760"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3761","reference_id":"RHSA-2024:3761","reference_type":"","scores":[{
"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3775","reference_id":"RHSA-2024:3775","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3775"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270685","reference_id":"show_bug.cgi?id=2270685","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:41:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270685"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42590?format=json","purl":"pkg:deb/debian/freeipa@4.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freei
pa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2024-3183"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mu5e-bwa1-e7h4"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213294?format=json","vulnerability_id":"VCID-6pmh-54bk-3fc1","summary":"Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary naming or key usage information and subsequently use such certificates for other attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9575.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9575.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9575","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50901","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9575"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395311","reference_id":"1395311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395311"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849950","reference_id":"849950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0001","reference_id":"RHSA-2017:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0001"},{"reference_url":"https://us
n.ubuntu.com/USN-4792-1/","reference_id":"USN-USN-4792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4792-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42586?format=json","purl":"pkg:deb/debian/freeipa@4.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9575"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pmh-54bk-3fc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213287?format=json","vulnerability_id":"VCID-94yq-6dmq-vbaq","summary":"Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web 
script or HTML via vectors related to breadcrumb navigation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7850.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7850.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7850","reference_id":"","reference_type":"","scores":[{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58626","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7850"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1165280","reference_id":"1165280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1165280"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42583?format=json","purl":"pkg:deb/debian/freeipa@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/
debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2014-7850"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94yq-6dmq-vbaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213296?format=json","vulnerability_id":"VCID-9tqd-1db8-fkb8","summary":"A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2590.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2590.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2590","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39021","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2590"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1413137","reference_id":"1413137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1413137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0388","reference_id":"RHSA-2017:0388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0388"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42584?format=jso
n","purl":"pkg:deb/debian/freeipa@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2017-2590"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tqd-1db8-fkb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206786?format=json","vulnerability_id":"VCID-ed3m-qfnd-8yb8","summary":"Code injection in 
FreeIPA","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:4268","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2019:4268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0378","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0378"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14867.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14867","reference_id":"","reference_type":"","scores":[{"value":"0.03371","scoring_system":"epss","scoring_elements":"0.87635","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14867"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14867","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","
scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14867"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ipa/PYSEC-2019-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ipa/PYSEC-2019-28.yaml"},{"reference_url":"https://github.com/pypa/advisory-db/tree/main/vulns/ipa/PYSEC-2019-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-db/tree/main/vulns/ipa/PYSEC-2019-28.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUG
NKF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T/"},{"reference_url":"https://www.freeipa.org/page/Releases/4.6.7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.freeipa.org/page/Releases/4.6.7"},{"reference_url":"https://www.freeipa.org/page/Releases/4.7.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"
value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.freeipa.org/page/Releases/4.7.4"},{"reference_url":"https://www.freeipa.org/page/Releases/4.8.3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.freeipa.org/page/Releases/4.8.3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1766920","reference_id":"1766920","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1766920"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14867","reference_id":"CVE-2019-14867","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14867"},{"reference_url":"https://github.com/advisories/GHSA-7hpj-hfcr-5qwm","reference_id":"GHSA-7hpj-hfcr-5qwm","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7hpj-hfcr-5qwm"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1269","reference_id":"RHSA-2020:1269","reference_type":"","scores":[],"ur
l":"https://access.redhat.com/errata/RHSA-2020:1269"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42587?format=json","purl":"pkg:deb/debian/freeipa@4.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14867","GHSA-7hpj-hfcr-5qwm","PYSEC-2019-28"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ed3m-qfnd-8yb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213293?format=json","vulnerability_id":"VCID-f44q-amv6-2bh4","summary":"FreeIPA uses a default password policy that locks an account after 5 unsuccessful authentication attempts, which allows remote attackers to cause a denial of service by 
locking out the account in which system services run on.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7030.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7030.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7030","reference_id":"","reference_type":"","scores":[{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.79122","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7030"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1370493","reference_id":"1370493","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1370493"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849970","reference_id":"849970","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0001","reference_id":"RHSA-2017:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0001"},{"reference_url":"https://usn.ubuntu.com/USN-4792-1/","reference_id":"USN-USN-4792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4792-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42586?format=json","purl":"pkg:deb/debian/freeipa@4.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"
},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-7030"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f44q-amv6-2bh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213290?format=json","vulnerability_id":"VCID-jvnc-w91r-ckdv","summary":"ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world 
readable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5284.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5284","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53442","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264790","reference_id":"1264790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264790"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42584?format=json","purl":"pkg:deb/debian/freeipa@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"a
ffected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5284"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvnc-w91r-ckdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213291?format=json","vulnerability_id":"VCID-pv18-rxm9-4fgs","summary":"The cert_revoke command in FreeIPA does not check for the \"revoke certificate\" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the \"retrieve certificate\" permission.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5404.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5404.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5404","reference_id":"","reference_type":"","scores":[{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73414","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5404"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1351593","reference_id":"1351593","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1351593"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835131","reference_id":"835131","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1797","reference_id":"RHSA-2016:1797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1797"},{"reference_url":"https://usn.ubuntu.com/USN-4792-1/","reference_id":"USN-USN-4792-1","reference_type":"","scor
es":[],"url":"https://usn.ubuntu.com/USN-4792-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42585?format=json","purl":"pkg:deb/debian/freeipa@4.3.2-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.3.2-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5404"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pv18-rxm9-4fgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213288?format=json","vulnerability_id":"VCID-rahz-29nk-qufu","summary":"The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via 
a group list request for a user that belongs to a large number of groups.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1827.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1827.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1827","reference_id":"","reference_type":"","scores":[{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.79117","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1827"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1205200","reference_id":"1205200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1205200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0728","reference_id":"RHSA-2015:0728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0728"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42584?format=json","purl":"pkg:deb/debian/freeipa@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resourc
e_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2015-1827"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rahz-29nk-qufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213297?format=json","vulnerability_id":"VCID-sbd3-pgeb-mffy","summary":"A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with passwords as arguments or options is not performed by default in FreeIPA but is possible by third-party components. \nAn attacker having access to system logs on FreeIPA masters could use this flaw to produce log file content with passwords exposed.","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:4268","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2019:4268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0378","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0378"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10195.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10195","reference_id":"","reference_type":"","scores":[{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.71285","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10195","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.
9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10195"},{"reference_url":"https://github.com/advisories/GHSA-w4q7-f34x-vpgc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-w4q7-f34x-vpgc"},{"reference_url":"https://github.com/hatchetation/freeipa","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/hatchetation/freeipa"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/freeipa/PYSEC-2019-22.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/freeipa/PYSEC-2019-22.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ipa/PYSEC-2019-168.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vu
lns/ipa/PYSEC-2019-168.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T/"},{"
reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10195","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10195"},{"reference_url":"https://pagure.io/freeipa/c/5913826a4654a115cd5ff2dbf4a2b3ad38a93081","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pagure.io/freeipa/c/5913826a4654a115cd5ff2dbf4a2b3ad38a93081"},{"reference_url":"https://www.freeipa.org/page/Releases/4.6.7","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.freeipa.org/page/Releases/4.6.7"},{"reference_url":"https://www.freeipa.org/page/Releases/4.7.4","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.freeipa.org/page/Releases/4.7.4"},{"reference_url":"https:
//www.freeipa.org/page/Releases/4.8.3","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.freeipa.org/page/Releases/4.8.3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1726223","reference_id":"1726223","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1726223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1269","reference_id":"RHSA-2020:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1269"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42587?format=json","purl":"pkg:deb/debian/freeipa@4.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.i
o/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10195","GHSA-w4q7-f34x-vpgc","PYSEC-2019-168","PYSEC-2019-22"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbd3-pgeb-mffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213299?format=json","vulnerability_id":"VCID-suph-4wkj-vfg5","summary":"A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1722.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1722.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1722","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59141","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1722"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1793071","reference_id":"1793071","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1793071"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966200","reference_id":"966200","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966200"},{"reference_url":"
https://access.redhat.com/errata/RHSA-2020:3936","reference_id":"RHSA-2020:3936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4670","reference_id":"RHSA-2020:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4670"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42588?format=json","purl":"pkg:deb/debian/freeipa@4.8.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.8.8-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2020-1722"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-suph-4wkj-vfg5"},{"url":"http://public2.vulnerablecode.io/a
pi/vulnerabilities/213292?format=json","vulnerability_id":"VCID-txmg-sehd-b3bu","summary":"FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5414.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5414.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5414","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37431","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5414"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1360757","reference_id":"1360757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1360757"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42584?format=json","purl":"pkg:deb/debian/freeipa@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnera
bilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5414"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txmg-sehd-b3bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213286?format=json","vulnerability_id":"VCID-vewj-xqzu-9yhg","summary":"FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7828.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7828.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7828","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61565","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7828"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768294","reference_id":"768294","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768294"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42580?format=json","purl":"pkg:deb/debian/freeipa@4.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.0.5-1%3Fdistro=trixie"},{"ur
l":"http://public2.vulnerablecode.io/api/packages/42579?format=json","purl":"pkg:deb/debian/freeipa@4.9.11-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h7x-x4we-5qab"},{"vulnerability":"VCID-61z7-sf9m-aya4"},{"vulnerability":"VCID-6wfx-3a4j-73an"},{"vulnerability":"VCID-ftby-tqv2-sycz"},{"vulnerability":"VCID-mnch-cchq-yycc"},{"vulnerability":"VCID-mu5e-bwa1-e7h4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42582?format=json","purl":"pkg:deb/debian/freeipa@4.12.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.12.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42581?format=json","purl":"pkg:deb/debian/freeipa@4.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.13.1-1%3Fdistro=trixie"}],"aliases":["CVE-2014-7828"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vewj-xqzu-9yhg"}],"risk_score":"4.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeipa@4.9.11-1%3Fdistro=trixie"}