VYPR

rpm package

almalinux/idm-pki-est

pkg:rpm/almalinux/idm-pki-est

Vulnerabilities (2)

  • CVE-2023-4727HigJun 11, 2024
    affected < 11.5.0-2.el9_4.alma.1fixed 11.5.0-2.el9_4.alma.1

    A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escal

  • CVE-2022-2393Jul 14, 2022
    affected < 11.3.0-1.el9fixed 11.3.0-1.el9

    A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but