Known Vulnerabilities for Sssd by Fedoraproject
Listed below are 10 of the newest known vulnerabilities associated with "Sssd" by "Fedoraproject".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-6245 json | A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM pas... | Not Provided | 2026-04-15 | 2026-04-15 |
| CVE-2022-4254 json | sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters | 8.8 - HIGH | 2023-02-01 | 2023-05-29 |
| CVE-2019-3811 json | A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root direc... | 5.2 - MEDIUM | 2019-01-15 | 2023-05-29 |
| CVE-2018-16883 json | sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" co... | 5.5 - MEDIUM | 2018-12-19 | 2019-10-09 |
| CVE-2018-16838 json | A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permis... | 5.4 - MEDIUM | 2019-03-25 | 2023-05-29 |
| CVE-2018-10852 json | The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which mea... | 7.5 - HIGH | 2018-06-26 | 2019-10-09 |
| CVE-2017-12173 json | It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its lo... | 8.8 - HIGH | 2018-07-27 | 2019-10-09 |
| CVE-2015-5292 json | Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Da... | 6.8 - MEDIUM | 2015-10-29 | 2023-02-13 |
| CVE-2014-0249 json | The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a ... | 3.3 - LOW | 2014-06-11 | 2019-04-22 |
| CVE-2013-0287 json | The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider ... | 4.9 - MEDIUM | 2013-03-21 | 2013-05-15 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Fedoraproject | Sssd | 2.1 | |||
| Application | Fedoraproject | Sssd | 2.0.0 | |||
| Application | Fedoraproject | Sssd | 1.9.4 | |||
| Application | Fedoraproject | Sssd | 1.9.3 | |||
| Application | Fedoraproject | Sssd | 1.9.2 | |||
| Application | Fedoraproject | Sssd | 1.9.1 | |||
| Application | Fedoraproject | Sssd | 1.9.0 | |||
| Application | Fedoraproject | Sssd | 1.8.6 | |||
| Application | Fedoraproject | Sssd | 1.8.5 | |||
| Application | Fedoraproject | Sssd | 1.8.4 | |||
| Application | Fedoraproject | Sssd | 1.8.3 | |||
| Application | Fedoraproject | Sssd | 1.8.2 | |||
| Application | Fedoraproject | Sssd | 1.8.1 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.7.0 | |||
| Application | Fedoraproject | Sssd | 1.6.4 | |||
| Application | Fedoraproject | Sssd | 1.6.3 |