Known Vulnerabilities for Sssd by Fedoraproject
Listed below are 10 of the newest known vulnerabilities associated with "Sssd" by "Fedoraproject".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-14476 json | A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. ... | Not Provided | 2026-07-07 | 2026-07-07 |
| CVE-2026-14474 json | A flaw was found in SSSD's LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searc... | Not Provided | 2026-07-07 | 2026-07-07 |
| CVE-2026-12610 json | A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulner... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-6245 json | A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM pas... | Not Provided | 2026-04-15 | 2026-04-15 |
| CVE-2022-4254 json | sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters | 8.8 - HIGH | 2023-02-01 | 2023-05-29 |
| CVE-2019-3811 json | A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root direc... | 5.2 - MEDIUM | 2019-01-15 | 2023-05-29 |
| CVE-2018-16883 json | sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" co... | 5.5 - MEDIUM | 2018-12-19 | 2019-10-09 |
| CVE-2018-16838 json | A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permis... | 5.4 - MEDIUM | 2019-03-25 | 2023-05-29 |
| CVE-2018-10852 json | The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which mea... | 7.5 - HIGH | 2018-06-26 | 2019-10-09 |
| CVE-2017-12173 json | It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its lo... | 8.8 - HIGH | 2018-07-27 | 2019-10-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Fedoraproject | Sssd | 2.1 | |||
| Application | Fedoraproject | Sssd | 2.0.0 | |||
| Application | Fedoraproject | Sssd | 1.9.4 | |||
| Application | Fedoraproject | Sssd | 1.9.3 | |||
| Application | Fedoraproject | Sssd | 1.9.2 | |||
| Application | Fedoraproject | Sssd | 1.9.1 | |||
| Application | Fedoraproject | Sssd | 1.9.0 | |||
| Application | Fedoraproject | Sssd | 1.8.6 | |||
| Application | Fedoraproject | Sssd | 1.8.5 | |||
| Application | Fedoraproject | Sssd | 1.8.4 | |||
| Application | Fedoraproject | Sssd | 1.8.3 | |||
| Application | Fedoraproject | Sssd | 1.8.2 | |||
| Application | Fedoraproject | Sssd | 1.8.1 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.8.0 | |||
| Application | Fedoraproject | Sssd | 1.7.0 | |||
| Application | Fedoraproject | Sssd | 1.6.4 | |||
| Application | Fedoraproject | Sssd | 1.6.3 |