Nixpkgs Security Tracker

Login with GitHub

Suggestions search

Untriaged
Filter by:
With package: sssd

Found 2 matching suggestions

View:
Compact
Detailed
Permalink CVE-2012-3462
created 1 month ago
A flaw was found in SSSD version 1.9.0. The SSSD's …

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.

References

Affected products

sssd
  • ==1.9.0

Matching in nixpkgs

Package maintainers

Permalink CVE-2023-3758
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
Sssd: race condition during authorization leads to gpo policies functioning inconsistently

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

References

Affected products

sssd
  • <2.9.5
  • *

Matching in nixpkgs

pkgs.sssd

System Security Services Daemon

  • nixos-unstable -

Package maintainers