[SECURITY] Fedora 44 Update: freeipa-4.13.1-12.fc44
IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration...
Fedora 44 : freeipa / samba (2026-7567819345)
The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-7567819345 advisory. Update to Samba 4.24.3 - Security fix for CVE-2026-4480, CVE-2026-2340, CVE-2026-3012, CVE-2026-1933, CVE-2026-4408, and CVE-2026-3238 Tenable has...
FreeIPA - XML Entity Injection
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. id: CVE-2022-2414 info: name: FreeIPA - XML Entity Injection...
Astra Linux - vulnerability in freeipa
There is a cross-site request forgery vulnerability in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions on behalf of the user, resulting in a loss of confidentiality and system integrity...
Astra Linux - vulnerability in freeipa
A vulnerability was discovered in FreeIPA when a Kerberos TGS-REQ is encrypted using the client’s session key. This key varies for each new session, which helps protect it from brute-force attacks. However, the ticket contained within the encrypted message is encrypted using the target principal...
Astra Linux - vulnerability in freeipa
A vulnerability was discovered in FreeIPA regarding the initial implementation of MS-SFU by MIT Kerberos. This implementation lacked a condition for granting the “forwardable” flag on S4U2Self tickets. To fix this issue, a special case had to be added to the checkallowedtodelegate function: If th...
Astra Linux - vulnerability in freeipa
A flaw was discovered in all IPA versions ranging from 4.x.x to 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing process could exhaust memory and CPU resources, resulting in a denial of service and making the website unresponsive. The greatest...
Astra Linux - vulnerability in freeipa
A flaw was discovered in FreeIPA. This issue may allow a remote attacker to create an HTTP request with parameters that can be interpreted as command arguments for kinit on the FreeIPA server, resulting in a denial of service...
OESA-2026-2170 sssd security update
Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...
Security Bulletin: Vulnerability in FreeIPA affects IBM Netezza Appliance
Summary: The FreeIPA package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE, CVE-2025-7493. Vulnerability Details: CVEID: CVE-2025-7493 DESCRIPTION: A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is...
RLSA-2025:17129 Important: idm:DL1 security update
Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...
idm:DL1 security update
An update is available for bind-dyndb-ldap, module.python-yubico, custodia, module.softhsm, module.python-jwcrypto, module.ipa-healthcheck, module.slapi-nis, ipa-healthcheck, opendnssec, module.bind-dyndb-ldap, pyusb, python-jwcrypto, module.python-qrcode, module.ipa, module.opendnssec,...
TencentOS Server 3: idm:DL1 (TSSA-2025:1008)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:1008 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2019-14826 vulnerabilities
Vulnerabilities for packages: freeipa...
GHSA-HWMM-P4J4-8398 vulnerabilities
Vulnerabilities for packages: freeipa...
MiracleLinux 8 : pki-core:10.6 (AXSA:2021-2369:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2369:01 advisory. pki-server: Dogtag installer pkispawn logs admin credentials into a world-readable log file CVE-2021-3551 The PKI installer pkispawn logs admin credentials...
MiracleLinux 8 : idm:DL1 (AXSA:2024-8493:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8493:01 advisory. CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service CVE-2024-3183 freeipa: user c...
MiracleLinux 9 : ipa-4.11.0-15.el9_4.ML.1 (AXSA:2024-8146:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8146:07 advisory. freeipa: delegation rules allow a proxy service to impersonate any user to access another target service CVE-2024-2698 freeipa: user can obtain a ha...
MiracleLinux 4 : ipa-3.0.0-50.2.0.1.AXS4 (AXSA:2016-660:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-660:02 advisory. Security Fix - FreeIPA certrevoke revoke certificate retrieve certificate CVE-2016-5404 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding...
MiracleLinux 4 : ipa-2.1.3-9.0.1.AXS4 (AXSA:2012-370:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-370:01 advisory. IPA is an integrated solution to provide centrally managed Identity machine, user, virtual machines, groups, authentication credentials, Policy configuration...