VYPR

rpm package

almalinux/ipa-client-encrypted-dns

pkg:rpm/almalinux/ipa-client-encrypted-dns

Vulnerabilities (2)

  • CVE-2025-7493CriSep 30, 2025
    affected < 4.12.2-14.el9_6.5fixed 4.12.2-14.el9_6.5

    A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM crede

  • CVE-2025-4404CriJun 17, 2025
    affected < 4.12.2-14.el9_6.1fixed 4.12.2-14.el9_6.1

    A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM