6 matches found
EUVD-2024-17231
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-5455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user...
CVE-2024-11029
CVE-2024-11029 is a real vulnerability affecting FreeIPA via an API audit flaw that leaks administrator credentials to systemd journal when the FreeIPA installation process logs the full command line. Connected advisories confirm affected packages (FreeIPA) across multiple distributions (e.g., Fe...
Medium: ipa
Issue Overview: A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service. CVE-2024-1481 Affected Packages: ipa Note: This advisory ...
GHSA-W4Q7-F34X-VPGC FreeIPA logs passwords embedded in commands in calls using batch
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with...
CVE-2016-5414
FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services...