Known Vulnerabilities for Heimdal by Heimdal Project
Listed below are 10 of the newest known vulnerabilities associated with "Heimdal" by "Heimdal Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-45142 json | The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" c... | 7.5 - HIGH | 2023-03-06 | 2023-10-08 |
| CVE-2022-44640 json | Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by ... | 9.8 - CRITICAL | 2022-12-25 | 2023-10-08 |
| CVE-2022-42898 json | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote... | 8.8 - HIGH | 2022-12-25 | 2023-10-08 |
| CVE-2022-41916 json | Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service ... | 7.5 - HIGH | 2022-11-15 | 2023-10-08 |
| CVE-2022-3116 json | The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access t... | 7.5 - HIGH | 2023-03-27 | 2023-05-05 |
| CVE-2021-44758 json | Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of G... | 7.5 - HIGH | 2022-12-26 | 2023-10-08 |
| CVE-2019-12098 json | In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the... | 7.5 - HIGH | 2019-05-15 | 2026-04-15 |
| CVE-2018-16860 json | A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 ... | 7.5 - HIGH | 2019-07-31 | 2019-08-14 |
| CVE-2017-17439 json | In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing... | 7.5 - HIGH | 2017-12-06 | 2017-12-30 |
| CVE-2017-11103 json | Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-prin... | 8.1 - HIGH | 2017-07-13 | 2020-08-18 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Heimdal Project | Heimdal | 7.7.0 | |||
| Application | Heimdal Project | Heimdal | 7.6.0 | |||
| Application | Heimdal Project | Heimdal | 7.5.0 | |||
| Application | Heimdal Project | Heimdal | 7.4.0 | |||
| Application | Heimdal Project | Heimdal | 7.3.0 | |||
| Application | Heimdal Project | Heimdal | 7.2.0 | |||
| Application | Heimdal Project | Heimdal | 7.1.0 | |||
| Application | Heimdal Project | Heimdal | 7.1.0 | |||
| Application | Heimdal Project | Heimdal | 7.0.3 | |||
| Application | Heimdal Project | Heimdal | 7.0.2 | |||
| Application | Heimdal Project | Heimdal | 7.0.1 | |||
| Application | Heimdal Project | Heimdal | 1.6.0 | |||
| Application | Heimdal Project | Heimdal | 1.6.0 | |||
| Application | Heimdal Project | Heimdal | 1.5.3 | |||
| Application | Heimdal Project | Heimdal | 1.5.2 | |||
| Application | Heimdal Project | Heimdal | 1.5.1 | |||
| Application | Heimdal Project | Heimdal | 1.5.0 | |||
| Application | Heimdal Project | Heimdal | 1.5.0 | |||
| Application | Heimdal Project | Heimdal | 1.5.0 | |||
| Application | Heimdal Project | Heimdal | 1.5.0 |