CVE-2025-66433

Publication date 30 November 2025

Last updated 3 December 2025

Ubuntu priority

Description

HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3.

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2025-66433
https://htcondor.org/security/vulnerabilities/HTCONDOR-2025-0002.html

CVE-2025-66433

Description

Status

References

Other references

Access our resources on patching vulnerabilities