VYPR

rpm package

almalinux/libsss_nss_idmap-devel

pkg:rpm/almalinux/libsss_nss_idmap-devel

Vulnerabilities (3)

  • CVE-2025-11561HigOct 9, 2025
    affected < 2.9.4-5.el8_10.3fixed 2.9.4-5.el8_10.3

    A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. Th

  • CVE-2023-3758HigApr 18, 2024
    affected < 2.9.4-6.el9_4fixed 2.9.4-6.el9_4

    A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

  • CVE-2021-3621HigDec 23, 2021
    affected < 2.4.0-9.el8_4.2fixed 2.4.0-9.el8_4.2

    A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access