29 matches found

OPENSUSE Linux
added 2026/06/12 12:0 a.m. | 7 views

Security update for kanidm (moderate)

openSUSE Security Update: Security update for kanidm | Announcement ID: openSUSE-SU-2025:0152-1 | Rating: moderate | References: 1242642 | Cross-References: CVE-2025-3416 | CVSS scores: CVE-2025-3416 SUSE: 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N | Affected Products: openSUSE...

6.3 CVSS | 7.7 AI score | 0.00426 EPSS
Exploits: 0 | References: 1
NVD
added 2026/06/10 10:17 p.m. | 7 views

CVE-2026-46689

Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds...

8.7 CVSS | 0.00317 EPSS
Exploits: 0 | References: 2
EUVD
added 2026/06/10 8:28 p.m. | 8 views

EUVD-2026-36133

Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds...

8.7 CVSS | 5.4 AI score | 0.00317 EPSS
Exploits: 0 | References: 2
CVE
added 2026/06/10 8:28 p.m. | 20 views

CVE-2026-46689

Kanidm vuln CVE-2026-46689: An unauthenticated GET to any /scim/v1/... endpoint with a crafted ?filter= (thousands of nested parentheses, ~4–12 KB) can exhaust the parser’s stack due to an unbounded depth in the SCIM filter grammar. This causes a stack overflow and std::process::abort(), terminat...

8.7 CVSS | 5.4 AI score | 0.00317 EPSS
Exploits: 0 | References: 2
CNNVD
added 2026/06/10 12:0 a.m. | 12 views

Kanidm security vulnerability

Kanidm is a simple and secure identity management platform developed by Kanidm itself. Versions of Kanidm prior to 1.9.3 contained security vulnerabilities. These vulnerabilities were caused by the recursive descent PEG parser in SCIM endpoints, which led to a stack overflow when processing neste...

8.7 CVSS | 5.5 AI score | 0.00317 EPSS
Exploits: 0 | References: 1
OPENSUSE Linux
added 2026/06/10 12:0 a.m. | 8 views

Security update for kanidm (critical)

openSUSE Security Update: Security update for kanidm | Announcement ID: openSUSE-SU-2026:0198-1 | Rating: critical | References: | Affected Products: openSUSE Backports SLE-15-SP6 | An update that contains security fixes can now be installed. | Description: This update for kanidm fixes the following issues: ...

5.9 AI score
Exploits: 0
OPENSUSE Linux
added 2026/06/05 12:0 a.m. | 9 views

Security update for kanidm (critical)

openSUSE Security Update: Security update for kanidm | Announcement ID: openSUSE-SU-2026:0192-1 | Rating: critical | References: | Affected Products: openSUSE Backports SLE-15-SP7 | An update that contains security fixes can now be installed. | Description: This update for kanidm fixes the following issues: ...

5.9 AI score
Exploits: 0
OSV
added 2026/05/06 11:37 p.m. | 5 views

GHSA-53HJ-R94P-8C8F Kanidm has non-constant-time comparison of OAuth2 client_secret

Summary: The kanidmd OAuth2 token-exchange (/oauth2/token) and token-introspection (/oauth2/token/introspect) endpoints compare the supplied client_secret against the stored secret using Rust's PartialEq on String, which short-circuits on the first mismatching byte. This produces an observable timing...

3.7 CVSS | 6 AI score
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/06 12:0 a.m. | 7 views

PT-2026-41980

Name of the Vulnerable Software and Affected Versions: Kanidm versions prior to 1.9.3. Description: An unauthenticated GET request to any /scim/v1/... endpoint using a ?filter= query string containing several thousand nested parentheses (approximately 4–12 KB) can cause a stack overflow. This occurs...

8.7 CVSS | 5.6 AI score | 0.00317 EPSS
Exploits: 0 | References: 4
Circl
added 2026/04/30 2:48 a.m. | 6 views

CVE-2026-46689

creationtimestamp | type | source
---|---|---
2026-04-30 02:48:09+00:00 | published-proof-of-concept | https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh
2026-06-10 22:49:13+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mnxsaqoled26...

8.7 CVSS | 5.3 AI score | 0.00317 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2025/05/13 12:0 a.m. | 18 views

openSUSE 15 Security Update : kanidm (openSUSE-SU-2025:0152-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2025:0152-1 advisory. - Update to version 1.6.2git0.a20663ea8: Release 1.6.2; fix: clippy; maint: typo in log message; Set kid manually to prevent divergence; Order keys in...

3.7 CVSS | 5.3 AI score | 0.00426 EPSS
Exploits: 0 | References: 4
OSV
added 2025/05/12 4:1 p.m. | 2 views

OPENSUSE-SU-2025:0152-1 Security update for kanidm

This update for kanidm fixes the following issues: - Update to version 1.6.2git0.a20663ea8: Release 1.6.2; fix: clippy; maint: typo in log message; Set kid manually to prevent divergence; Order keys in application JWKS / Fix rotation bug; Fix toml issues with strings - Update to version...

3.7 CVSS | 6 AI score | 0.00426 EPSS
Exploits: 0 | References: 3
OPENSUSE Linux
added 2025/05/08 12:0 a.m. | 4 views

kanidm-1.6.0~git0.d7ae0f336-1.1 on GA media (moderate)

kanidm-1.6.0~git0.d7ae0f336-1.1 on GA media | Announcement ID: openSUSE-SU-2025:15060-1 | Rating: moderate | Cross-References: CVE-2025-3416 | CVSS scores: CVE-2025-3416 SUSE: 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L; CVE-2025-3416 SUSE: 6.3...

6.3 CVSS | 7.2 AI score | 0.00426 EPSS
Exploits: 0
OSV
added 2025/05/07 12:0 a.m. | 3 views

OPENSUSE-SU-2025:15060-1 kanidm-1.6.0~git0.d7ae0f336-1.1 on GA media

These are all security issues fixed in the kanidm-1.6.0~git0.d7ae0f336-1.1 package on the GA media of openSUSE Tumbleweed...

3.7 CVSS | 5.8 AI score | 0.00426 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2025/03/24 4:47 p.m. | 9 views

CVE-2025-30205 kanidm-provision leaks provisioned admin credentials into the system log

kanidm-provision is a helper utility that uses kanidm's API to provision users, groups and oauth2 systems. Prior to version 1.2.0, a faulty function instrumentation in the optional kanidm patches provided by kanidm-provision will cause the provisioned admin credentials to be leaked to the system...

7.6 CVSS | 7 AI score | 0.00269 EPSS
Exploits: 0 | References: 2
Cvelist
added 2025/03/24 4:47 p.m. | 11 views

CVE-2025-30205 kanidm-provision leaks provisioned admin credentials into the system log

kanidm-provision is a helper utility that uses kanidm's API to provision users, groups and oauth2 systems. Prior to version 1.2.0, a faulty function instrumentation in the optional kanidm patches provided by kanidm-provision will cause the provisioned admin credentials to be leaked to the system...

7.6 CVSS | 0.00269 EPSS
Exploits: 0 | References: 2
CNNVD
added 2025/03/24 12:0 a.m. | 5 views

kanidm-provision log information disclosure vulnerability

kanidm-provision is a small utility program from the individual developers at oddlama to help configure kanidm. A log information disclosure vulnerability exists in kanidm-provision versions prior to 1.2.0, which stems from a function error in the supplied kanidm patch that causes administrator...

7.6 CVSS | 6.1 AI score | 0.00269 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2024/09/10 12:0 a.m. | 27 views

openSUSE 15 Security Update : kanidm (openSUSE-SU-2024:0294-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0294-1 advisory. - kanidm version 1.3.3git0.f075d13: Release 1.3.3; Mail substr index 2981. Tenable has extracted the preceding description block directly from the...

8.1 CVSS | 8.3 AI score | 0.1446 EPSS
Exploits: 2 | References: 11
OSV
added 2024/09/09 12:4 p.m. | 12 views

OPENSUSE-SU-2024:0294-1 Security update for kanidm

This update for kanidm fixes the following issues: - kanidm version 1.3.3git0.f075d13: Release 1.3.3; Mail substr index 2981...

8.1 CVSS | 8 AI score | 0.1446 EPSS
Exploits: 2 | References: 8
OPENSUSE Linux
added 2024/09/09 12:0 a.m. | 7 views

Security update for kanidm (moderate)

openSUSE Security Update: Security update for kanidm | Announcement ID: openSUSE-SU-2024:0294-1 | Rating: moderate | References: 1191031 1194119 1196972 1210356 | Cross-References: CVE-2021-45710 CVE-2022-24713 CVE-2023-26964 | CVSS scores: CVE-2021-45710 SUSE: 3.3...

4.7 CVSS | 9.8 AI score | 0.1446 EPSS
Exploits: 2 | References: 4