Canonical Authd vulnerabilities
3 known vulnerabilities affecting canonical/authd.
Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 1
Vulnerabilities
CVE-2025-5689 | HIGH | CVSS 8.5 | fixed in 0.5.4 | ≥ 0.0.0, ≤ 0.5.4 | 2025-06-16
CVE-2025-5689 [HIGH] CWE-269
A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user logging in for the first time will be considered to be part of the root group in the context of that SSH session.
cvelistv5, nvd
CVE-2024-9312 | MEDIUM | CVSS 6.4 | fixed in 0.3.6 | 2024-10-10
CVE-2024-9312 [HIGH] CWE-286
Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges.
nvd
CVE-2024-9313 | HIGH | CVSS 8.8 | fixed in 0.3.5 | 2024-10-03
CVE-2024-9313 [HIGH]
Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them.
nvd