Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Skolelinux Subscribe
Filtered by product Debian-edu-config
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3467 3 Canonical, Debian, Skolelinux 4 Ubuntu Linux, Debian-lan-config, Debian Linux and 1 more 2022-12-22 7.2 HIGH 7.8 HIGH
Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals.
CVE-2021-20001 2 Debian, Skolelinux 2 Debian Linux, Debian-edu-config 2022-02-22 7.5 HIGH 9.8 CRITICAL
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.