Описание
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.16.1-1ubuntu1.8 |
| cosmic | ignored | end of life |
| devel | not-affected | 2.2.2-1 |
| disco | ignored | end of life |
| eoan | not-affected | 2.2.0-4ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/bionic | released | 1.16.1-1ubuntu1.8 |
| esm-infra/focal | not-affected | 2.2.2-1 |
| esm-infra/xenial | needed | |
| focal | not-affected | 2.2.2-1 |
Показывать по
EPSS
2.7 Low
CVSS2
5.2 Medium
CVSS3
Связанные уязвимости
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
A vulnerability was found in sssd. If a user was configured with no ho ...
EPSS
2.7 Low
CVSS2
5.2 Medium
CVSS3