Filtered by vendor Canonical
Subscriptions
Filtered by product Authd
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-9313 | 1 Canonical | 1 Authd | 2025-08-26 | 8.8 High |
| Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them. | ||||
| CVE-2024-9312 | 2 Canonical, Ubuntu | 2 Authd, Authd | 2025-08-26 | 7.5 High |
| Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges. | ||||
| CVE-2025-5689 | 1 Canonical | 1 Authd | 2025-08-26 | 8.5 High |
| A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session. | ||||
Page 1 of 1.