{ "document": { "aggregate_severity": { "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "CVE-2023-5455: fix CSRF vulnerability by adding Referer header check to all session endpoints\n- CVE-2024-1481: validate Kerberos principal name before kinit and pass it with -- separator to prevent option injection\n- CVE-2024-11029: scrub administrative passwords from process command line and pass OIDC client secret via stdin", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/almalinux9.2esu/advisories/2026/clsa-2026_1778881463.json" } ], "tracking": { "current_release_date": "2026-05-15T21:45:31Z", "generator": { "date": "2026-05-15T21:45:31Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1778881463", "initial_release_date": "2026-05-15T21:45:31Z", "revision_history": [ { "date": "2026-05-15T21:45:31Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "ipa: Fix of 3 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "AlmaLinux 9.2", "product": { "name": "AlmaLinux 9.2", "product_id": "AlmaLinux-9.2", "product_identification_helper": { "cpe": "cpe:2.3:o:almalinux:almalinux:9.2:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "AlmaLinux" } ], "category": "vendor", "name": "AlmaLinux OS Foundation" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server-dns@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-selinux@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server-common@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipatests@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipaserver@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client-common@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-python-compat@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipaclient@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipalib@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product": { "name": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_id": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-common@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipaclient@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server-dns@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-python-compat@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipatests@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-common@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipaserver@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server-common@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-selinux@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client-common@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product": { "name": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_id": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-ipalib@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product": { "name": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_id": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server-trust-ad@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product": { "name": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_id": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client-epn@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product": { "name": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_id": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client-samba@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product": { "name": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_id": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product": { "name": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_id": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client@4.10.1-9.el9_2.alma.1.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product": { "name": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_id": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server-trust-ad@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product": { "name": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_id": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client-samba@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product": { "name": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_id": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product": { "name": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_id": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-server@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product": { "name": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_id": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/ipa-client-epn@4.10.1-9.el9_2.alma.1.tuxcare.els2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64" }, "product_reference": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64" }, "product_reference": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64" }, "product_reference": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64" }, "product_reference": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" }, "product_reference": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64" }, "product_reference": "ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64" }, "product_reference": "ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64" }, "product_reference": "ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64" }, "product_reference": "ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" }, "product_reference": "python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "relates_to_product_reference": "AlmaLinux-9.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-1481", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "description", "text": "A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ], "known_affected": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-1481" } ], "release_date": "2024-02-20T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-15T21:44:26.274822Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463", "product_ids": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463" }, { "category": "none_available", "date": "2024-02-20T00:00:00Z", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2024-11029", "cwe": { "id": "CWE-497", "name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere" }, "notes": [ { "category": "description", "text": "A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ], "known_affected": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-11029" } ], "release_date": "2025-01-15T12:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-15T21:44:26.274822Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463", "product_ids": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463" }, { "category": "none_available", "date": "2025-01-15T12:00:00Z", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2023-5455", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "notes": [ { "category": "description", "text": "A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ], "known_affected": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-5455" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0137", "url": "https://access.redhat.com/errata/RHSA-2024:0137" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0138", "url": "https://access.redhat.com/errata/RHSA-2024:0138" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0139", "url": "https://access.redhat.com/errata/RHSA-2024:0139" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0140", "url": "https://access.redhat.com/errata/RHSA-2024:0140" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0141", "url": "https://access.redhat.com/errata/RHSA-2024:0141" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0142", "url": "https://access.redhat.com/errata/RHSA-2024:0142" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0143", "url": "https://access.redhat.com/errata/RHSA-2024:0143" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0144", "url": "https://access.redhat.com/errata/RHSA-2024:0144" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0145", "url": "https://access.redhat.com/errata/RHSA-2024:0145" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2023-5455", "url": "https://access.redhat.com/security/cve/CVE-2023-5455" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2242828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242828" }, { "category": "external", "summary": "https://www.freeipa.org/release-notes/4-10-3.html", "url": "https://www.freeipa.org/release-notes/4-10-3.html" }, { "category": "external", "summary": "https://www.freeipa.org/release-notes/4-11-1.html", "url": "https://www.freeipa.org/release-notes/4-11-1.html" }, { "category": "external", "summary": "https://www.freeipa.org/release-notes/4-6-10.html", "url": "https://www.freeipa.org/release-notes/4-6-10.html" }, { "category": "external", "summary": "https://www.freeipa.org/release-notes/4-9-14.html", "url": "https://www.freeipa.org/release-notes/4-9-14.html" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2024:0252", "url": "https://access.redhat.com/errata/RHSA-2024:0252" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U76DAZZVY7V4XQBOOV5ETPTHW3A6MW5O/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U76DAZZVY7V4XQBOOV5ETPTHW3A6MW5O/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFNUQH7IOHTKCTKQWFHONWGUBOUANL6I/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFNUQH7IOHTKCTKQWFHONWGUBOUANL6I/" } ], "release_date": "2024-01-10T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-15T21:44:26.274822Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463", "product_ids": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1778881463" }, { "category": "none_available", "date": "2024-01-10T13:15:00Z", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els2.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.2:ipa-client-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-client-epn-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-client-samba-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-python-compat-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-selinux-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:ipa-server-common-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-dns-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:ipa-server-trust-ad-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64", "AlmaLinux-9.2:python3-ipaclient-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipalib-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipaserver-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch", "AlmaLinux-9.2:python3-ipatests-0:4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] } ] }