Sudo@* Security Vulnerabilities and Issues — Sudo@* CVE List

Lucene search

Sudo ProjectSudo*

9 matches found

CVE•added 2019/10/17 6:15 p.m.•630 views

CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo...

9CVSS8.7AI score0.84563EPSS

CVE•added 2021/01/12 9:15 a.m.•353 views

CVE-2021-23239

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

2.5CVSS5.5AI score0.0004EPSS

CVE•added 2021/01/12 9:15 a.m.•295 views

CVE-2021-23240

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not ...

7.8CVSS7.8AI score0.00172EPSS

CVE•added 2023/12/22 4:15 p.m.•250 views

CVE-2023-42465

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

7CVSS7.1AI score0.00004EPSS

CVE•added 2023/03/16 1:15 a.m.•153 views

CVE-2023-28486

Sudo before 1.9.13 does not escape control characters in log messages.

5.3CVSS5.4AI score0.00102EPSS

CVE•added 2025/06/30 9:15 p.m.•145 views

CVE-2025-32462

Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.

8.8CVSS7.3AI score0.29711EPSS

CVE•added 2023/03/16 1:15 a.m.•142 views

CVE-2023-28487

Sudo before 1.9.13 does not escape control characters in sudoreplay output.

5.3CVSS5.4AI score0.00102EPSS

CVE•added 2023/12/23 11:15 p.m.•77 views

CVE-2023-7090

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.

8.8CVSS7.3AI score0.00046EPSS

CVE•added 2003/04/02 5:0 a.m.•74 views

CVE-2002-0184

Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.

7.8CVSS7.9AI score0.00212EPSS