Latest freeipa freeipa Vulnerabilities

CVE-2023-5455
Ipa: invalid csrf protection
Freeipa Freeipa<4.6.10
Freeipa Freeipa>=4.7.0<4.9.14
Freeipa Freeipa>=4.10.0<4.10.3
Freeipa Freeipa=4.11.0
Freeipa Freeipa=4.11.0-beta1
Fedoraproject Fedora=38
and 54 more
CVE-2020-1722
A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading t...
redhat/ipa<0:4.6.8-5.el7
Freeipa Freeipa>=4.0.0<=4.8.0
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
CVE-2012-5631
ipa 3.0 does not properly check server identity before sending credential containing cookies
Freeipa Freeipa=3.0.0
CVE-2019-14867
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components ...
redhat/FreeIPA<4.6.7
redhat/FreeIPA<4.7.4
redhat/FreeIPA<4.8.3
Freeipa Freeipa>=4.6.0<4.6.7
Freeipa Freeipa>=4.7.0<4.7.4
Freeipa Freeipa>=4.8.0<4.8.3
and 2 more
CVE-2019-14826
A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can...
Freeipa Freeipa>=4.5.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
CVE-2019-10195
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This in...
Freeipa Freeipa>=4.6.0<4.6.7
Freeipa Freeipa>=4.7.0<4.7.4
Freeipa Freeipa>=4.8.0<4.8.3
Fedoraproject Fedora=30
Fedoraproject Fedora=31
redhat/FreeIPA<4.6.7
and 10 more
CVE-2017-2590
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorize...
Freeipa Freeipa<4.4.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server Aus=7.3
Redhat Enterprise Linux Server Aus=7.4
and 4 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203