Download
| Alert*
CVE-2023-28487
Sudo before 1.9.13 does not escape control characters in sudoreplay output. CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-42465 Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit. |