VYPR
Unrated severityOSV Advisory· Published Dec 19, 2018· Updated Aug 5, 2024

CVE-2018-16883

CVE-2018-16883

Description

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Range: sssd-1_13_0, sssd-1_13_1, sssd-1_13_90, …

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.