ipa-server (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package ipa-server, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2025-4404 — CVSS 9.1 (critical): A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the…
CVE-2025-7493 — CVSS 9.1 (critical): A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where…
CVE-2024-2698 — CVSS 8.8 (high): A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the…
CVE-2024-3183 — CVSS 8.1 (high): A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different…
CVE-2023-5455 — CVSS 6.5 (medium): A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an…
CVE-2024-11029 — CVSS 5.5 (medium): A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the…
CVE-2024-1481 — CVSS 5.3 (medium): A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as…