
cpe:2.3:a:mit:krb5:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor: Mit (82b7f5d9-694f-5ac9-86aa-26958677636b)
Product: Krb5 (6ea8b90d-5a36-5bc4-aff0-8b10ea9edf01)
Edition: *
Language: *
Software edition: *
Target software: *
Target hardware: *
Other: *
Notes: Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL | Source | Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier: CVE:CVE-2019-14844
cpeApplicability: vulnerable
Submitted: 2026-06-08 05:12:56.248285
db.gcve.eu details: Details available
HIGH (7.5)
A flaw was found in Fedora versions of krb5 from 1.16.1 to, and including, 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.
Published: 2019-09-26T11:50:05.000Z
Updated: 2024-08-05T00:26:39.128Z
Rationale: Imported from gcve-enriched-dumps CVE data

Identifier: CVE:CVE-2017-7562
cpeApplicability: vulnerable
Submitted: 2026-06-08 05:09:56.551795
db.gcve.eu details: Details available
MEDIUM (6.5)
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
Published: 2018-07-26T15:00:00.000Z
Updated: 2024-08-05T16:04:12.058Z
Rationale: Imported from gcve-enriched-dumps CVE data
