5 matches found
openSUSE 16 Security Update : himmelblau (openSUSE-SU-2025-20114-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20114-1 advisory. - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687...
SUSE-SU-2025:21158-1 Security update for himmelblau
This update for himmelblau fixes the following issues: - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687 depsrust: bump the all-cargo-updates group CVE-2025-58160: tracing-subscriber: Fixed log pollution...
OPENSUSE-SU-2025-20114-1 Security update for himmelblau
This update for himmelblau fixes the following issues: - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687 depsrust: bump the all-cargo-updates group CVE-2025-58160: tracing-subscriber: Fixed log pollution...
CVE-2025-59044 Himmelblau vulnerable to GID collision via group name-derived mapping (privilege escalation)
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf idattrmap = name the default configuration. Because Microsoft Entra ID allows multiple groups with the same...
CVE-2025-59044 Himmelblau vulnerable to GID collision via group name-derived mapping (privilege escalation)
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf idattrmap = name the default configuration. Because Microsoft Entra ID allows multiple groups with the same...