709 matches found

Nuclei
added 10 hours ago | 58 views

FreeIPA - XML Entity Injection

Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. id: CVE-2022-2414 info: name: FreeIPA - XML Entity Injection...

CVSS 7.5 | AI score 7.3 | EPSS 0.85323
Exploits 3 | References 3

NVD
added 2026/06/11 7:16 p.m. | 9 views

CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

CVSS 7.6 | EPSS 0.00539
Exploits 0 | References 3

OSV
added 2026/06/11 7:16 p.m. | 5 views

UBUNTU-CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

CVSS 7.6 | AI score 5.9 | EPSS 0.00539
Exploits 0 | References 5

EUVD
added 2026/06/11 5:54 p.m. | 7 views

EUVD-2026-36293

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

CVSS 7.6 | AI score 5.9 | EPSS 0.01038
Exploits 0 | References 3

CVE
added 2026/06/11 5:54 p.m. | 10 views

CVE-2026-11774

CVE-2026-11774 affects the SASL I/O layer in 389-ds-base (389 Directory Server). A crafted SASL packet with a length prefix of 0xFFFFFFFC triggers an unsigned wraparound when sasl_io_start_packet() adds sizeof(uint32_t), bypassing nsslapd-maxsasliosize and causing a heap buffer overflow of up to ...

CVSS 7.6 | AI score 6 | EPSS 0.00539
Exploits 0 | References 3

Positive Technologies
added 2026/06/11 12:00 a.m. | 12 views

PT-2026-48701

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap...

CVSS 7.6 | AI score 6 | EPSS 0.00539
Exploits 0 | References 4

Tenable Nessus
added 2026/06/11 12:00 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packe...

CVSS 7.6 | AI score 5.7 | EPSS 0.00539
Exploits 0 | References 4

Fedora
added 2026/06/05 4:10 a.m. | 19 views

[SECURITY] Fedora 43 Update: freeipa-4.13.1-7.fc43

IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration...

CVSS 9.8 | AI score 5.8 | EPSS 0.12797
Exploits 7

Fedora
added 2026/06/02 12:55 a.m. | 12 views

[SECURITY] Fedora 44 Update: freeipa-4.13.1-12.fc44

IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration...

CVSS 9.8 | AI score 5.8 | EPSS 0.12797
Exploits 7

Tenable Nessus
added 2026/06/02 12:00 a.m. | 6 views

Fedora 44 : freeipa / samba (2026-7567819345)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-7567819345 advisory. Update to Samba 4.24.3 - Security fix for CVE-2026-4480, CVE-2026-2340, CVE-2026-3012, CVE-2026-1933, CVE-2026-4408, and CVE-2026-3238 Tenable has...

CVSS 9.8 | AI score 5.6 | EPSS 0.12797
Exploits 7 | References 7

AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux - vulnerability in freeipa

A flaw was discovered in all IPA versions ranging from 4.x.x to 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing process could exhaust memory and CPU resources, resulting in a denial of service and making the website unresponsive. The greatest...

CVSS 5.4 | AI score 6.5 | EPSS 0.01047
Exploits 0 | References 1

OSV
added 2026/05/03 9:56 a.m. | 15 views

OESA-2026-2170 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

CVSS 5.5 | AI score 5.8 | EPSS 0.00141
Exploits 0 | References 2

IBM Security Bulletins
added 2026/04/22 1:18 p.m. | 9 views

Security Bulletin: Vulnerability in FreeIPA affects IBM Netezza Appliance

Summary The FreeIPA package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-7493 Vulnerability Details CVEID:CVE-2025-7493 DESCRIPTION: A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is...

CVSS 9.1 | AI score 5.7 | EPSS 0.01827
Exploits 1 | Affected Software 1

OSV
added 2026/03/18 6:01 a.m. | 4 views

RLSA-2025:17129 Important: idm:DL1 security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...

CVSS 9.1 | AI score 5.8 | EPSS 0.00511
Exploits 0 | References 2

Rockylinux
added 2026/03/18 6:01 a.m. | 5 views

idm:DL1 security update

An update is available for bind-dyndb-ldap, module.python-yubico, custodia, module.softhsm, module.python-jwcrypto, module.ipa-healthcheck, module.slapi-nis, ipa-healthcheck, opendnssec, module.bind-dyndb-ldap, pyusb, python-jwcrypto, module.python-qrcode, module.ipa, module.opendnssec,...

CVSS 9.1 | AI score 7.3 | EPSS 0.00511
Exploits 0

Tenable Nessus
added 2026/03/16 12:00 a.m. | 5 views

TencentOS Server 3: idm:DL1 (TSSA-2025:1008)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:1008 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 9.1 | AI score 5.8 | EPSS 0.00511
Exploits 0 | References 2

Chainguard
added 2026/02/02 1:17 p.m. | 5 views

CVE-2019-14826 vulnerabilities

Vulnerabilities for packages: freeipa...

CVSS 5.6 | AI score 5.2 | EPSS 0.00336
Exploits 0

Chainguard
added 2026/02/02 1:17 p.m. | 4 views

GHSA-HWMM-P4J4-8398 vulnerabilities

Vulnerabilities for packages: freeipa...

AI score 5.2
Exploits 0

Tenable Nessus
added 2026/01/20 12:00 a.m. | 4 views

MiracleLinux 8 : idm:DL1 (AXSA:2024-8493:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8493:01 advisory. CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service CVE-2024-3183 freeipa: user c...

CVSS 8.8 | AI score 5.7 | EPSS 0.02036
Exploits 1 | References 3

Tenable Nessus
added 2026/01/20 12:00 a.m. | 4 views

MiracleLinux 9 : ipa-4.11.0-15.el9_4.ML.1 (AXSA:2024-8146:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8146:07 advisory. freeipa: delegation rules allow a proxy service to impersonate any user to access another target service CVE-2024-2698 freeipa: user can obtain a ha...

CVSS 8.8 | AI score 5.7 | EPSS 0.02036
Exploits 1 | References 3