VYPR

rpm package

almalinux/ipa-selinux-nfast

pkg:rpm/almalinux/ipa-selinux-nfast

Vulnerabilities (3)

  • CVE-2025-7493CriSep 30, 2025
    affected < 4.12.2-14.el9_6.5fixed 4.12.2-14.el9_6.5

    A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM crede

  • CVE-2025-4404CriJun 17, 2025
    affected < 4.12.2-14.el9_6.1fixed 4.12.2-14.el9_6.1

    A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM

  • CVE-2024-11029MedJan 15, 2025
    affected < 4.12.2-1.el9_5.3fixed 4.12.2-1.el9_5.3

    A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal data