pam
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | PAM (Pluggable Authentication Modules) library |
Version | 1.7.1-1 [core] |
Open
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-2901 | 1.7.0-2 | High | Vulnerable |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2025-6020 | AVG-2901 | High | No | Arbitrary filesystem access | The module pam_namespace in linux-pam <= 1.7.0 may access user- controlled paths without proper protections, which allows a local user to elevate their... |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1297 | 1.5.0-1 | 1.5.0-2 | High | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2020-27780 | AVG-1297 | High | No | Authentication bypass | An authentication bypass issue was found in pam 1.5.0. Nonexistent users could authenticate if the root password was empty. |
Advisories
Date | Advisory | Group | Severity | Type |
---|---|---|---|---|
09 Dec 2020 | ASA-202012-13 | AVG-1297 | High | authentication bypass |