4734 matches found
EUVD-2025-179849
Malicious code in cat-sudo-node-decrypt-analyze npm...
EUVD-2025-175985
Malicious code in test-sudo-notify-meta-orchestrate npm...
EUVD-2025-178443
Malicious code in import-scale-deserialize-sudo-visualize npm...
MAL-2025-187468 Malicious code in info-byte-simulate-cat-sudo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0027d2338d6014bc490d64b292626df8d2de44402c81596a7920b4d4fc8d485b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
UBUNTU-CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517
sudo-rs (Rust implementation of sudo) is affected by CVE-2025-64517. Versions prior to 0.2.10 incorrectly recorded the invoking user’s UID in the authentication timestamp when Defaults targetpw/rootpw are enabled, which could allow a highly-privileged user to run commands as other accounts using ...
CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
sudo-rs: Partial password reveal is possible after timeout
Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...
GHSA-C978-WQ47-PVVW sudo-rs: Partial password reveal is possible after timeout
Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...
CVE-2025-64170
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
UBUNTU-CVE-2025-64170
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
CVE-2025-64170
CVE-2025-64170 affects sudo-rs, a memory-safe Rust implementation of sudo/su. Concrete details from connected documents show a vulnerability that, when a password timeout occurs due to the user typing a password and not pressing return for an extended period, causes the entered keystrokes to be e...
CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
PT-2025-46704
Ubuntu's Rust Transition Hits Another Bump as sudo-rs Security Vulnerabilities Show Up https://t.co/J0uiXr4DC3 - Ubuntu addresses a critical sudo vulnerability CVE-2023-34996, ur...