4720 matches found
EUVD-2025-176147
Malicious code in sudo-emulate-stack-deploy-psi npm...
EUVD-2025-176146
Malicious code in sudo-reject-mu-proxy-fork npm...
EUVD-2025-179154
Malicious code in emulate-wind-sudo-object-class npm...
EUVD-2025-179849
Malicious code in cat-sudo-node-decrypt-analyze npm...
EUVD-2025-178414
Malicious code in info-byte-simulate-cat-sudo npm...
EUVD-2025-178935
Malicious code in fast-sudo-fire-chi-authenticate npm...
EUVD-2025-179913
Malicious code in cache-simple-awk-sudo-class npm...
EUVD-2025-179377
Malicious code in decompress-sed-sudo-index-nu npm...
Malicious code in sudo-emulate-stack-deploy-psi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56ac55148fee2d109b41c3075f3a4e39294e50decd8f2b0fef35db75ce9175b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178289
Malicious code in java-simple-void-fork-sudo npm...
CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
UBUNTU-CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517
sudo-rs (Rust implementation of sudo) is affected by CVE-2025-64517. Versions prior to 0.2.10 incorrectly recorded the invoking user’s UID in the authentication timestamp when Defaults targetpw/rootpw are enabled, which could allow a highly-privileged user to run commands as other accounts using ...
CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
GHSA-C978-WQ47-PVVW sudo-rs: Partial password reveal is possible after timeout
Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...
sudo-rs: Partial password reveal is possible after timeout
Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...
CVE-2025-64170
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...