| Max CVSS | 9.0 | Min CVSS | 7.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-14287 | 9.0 |
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r
|
18-04-2022 - 15:45 | 17-10-2019 - 18:15 | |
| CVE-2017-1000368 | 7.2 |
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
|
29-05-2019 - 19:29 | 05-06-2017 - 16:29 |