CVE-2022-39245

Mist is the command-line interface for the makedeb Package Repository. Prior to version 0.9.5, a user-provided sudo binary via the PATH variable can allow a local user to run arbitrary commands on the user's system with root permissions. Versions 0.9.5 and later contain a patch. No known...

CVE-2022-39245

creationtimestamp| type| source ---|---|--- 2022-09-26 18:36:26+00:00| seen| https://t.me/cibsecurity/50488...

CVE-2022-39245 Mist vulnerable to user providing a Sudo binary for authentication checks

Mist is the command-line interface for the makedeb Package Repository. Prior to version 0.9.5, a user-provided sudo binary via the PATH variable can allow a local user to run arbitrary commands on the user's system with root permissions. Versions 0.9.5 and later contain a patch. No known...

CVE-2022-39245

CVE-2022-39245 affects Mist, the CLI for the makedeb package repository. Before version 0.9.5, a local user could inject a user-provided sudo binary via PATH, causing arbitrary commands to run with root privileges. The issue is fixed in versions 0.9.5 and later (patch applied); no public workarou...