Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
Typedeb
Namespacedebian
Namesudo
Version1.9.13p3-1+deb12u3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.9.17p2-5
Latest_non_vulnerable_version1.9.17p2-5
Affected_by_vulnerabilities
0
url VCID-m9xh-9ac2-eycq
vulnerability_id VCID-m9xh-9ac2-eycq
summary A vulnerability has been discovered in sudo which can lead to execution manipulation through rowhammer-style memory manipulation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42465.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42465.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-42465
reference_id
reference_type
scores
0
value 4e-05
scoring_system epss
scoring_elements 0.00137
published_at 2026-04-09T12:55:00Z
1
value 4e-05
scoring_system epss
scoring_elements 0.00136
published_at 2026-04-08T12:55:00Z
2
value 4e-05
scoring_system epss
scoring_elements 0.00141
published_at 2026-04-21T12:55:00Z
3
value 4e-05
scoring_system epss
scoring_elements 0.00139
published_at 2026-04-12T12:55:00Z
4
value 4e-05
scoring_system epss
scoring_elements 0.00138
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-42465
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42465
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2255568
reference_id 2255568
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2255568
5
reference_url https://security.gentoo.org/glsa/202401-29
reference_id GLSA-202401-29
reference_type
scores
url https://security.gentoo.org/glsa/202401-29
6
reference_url https://access.redhat.com/errata/RHSA-2024:0811
reference_id RHSA-2024:0811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0811
7
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
fixed_packages
0
url pkg:deb/debian/sudo@1.9.16p2-3%2Bdeb13u1
purl pkg:deb/debian/sudo@1.9.16p2-3%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pwmy-f5qe-s3d1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sudo@1.9.16p2-3%252Bdeb13u1
aliases CVE-2023-42465
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m9xh-9ac2-eycq
1
url VCID-pwmy-f5qe-s3d1
vulnerability_id VCID-pwmy-f5qe-s3d1
summary In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35535.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35535.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35535
reference_id
reference_type
scores
0
value 4e-05
scoring_system epss
scoring_elements 0.00184
published_at 2026-04-04T12:55:00Z
1
value 4e-05
scoring_system epss
scoring_elements 0.00181
published_at 2026-04-08T12:55:00Z
2
value 5e-05
scoring_system epss
scoring_elements 0.00269
published_at 2026-04-16T12:55:00Z
3
value 5e-05
scoring_system epss
scoring_elements 0.00272
published_at 2026-04-13T12:55:00Z
4
value 5e-05
scoring_system epss
scoring_elements 0.00273
published_at 2026-04-12T12:55:00Z
5
value 5e-05
scoring_system epss
scoring_elements 0.00276
published_at 2026-04-11T12:55:00Z
6
value 5e-05
scoring_system epss
scoring_elements 0.00277
published_at 2026-04-09T12:55:00Z
7
value 5e-05
scoring_system epss
scoring_elements 0.00292
published_at 2026-04-21T12:55:00Z
8
value 5e-05
scoring_system epss
scoring_elements 0.00271
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35535
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35535
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35535
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/1130593
reference_id 1130593
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-03T13:14:52Z/
url https://bugs.debian.org/1130593
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130593
reference_id 1130593
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130593
6
reference_url https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/2143042
reference_id 2143042
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-03T13:14:52Z/
url https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/2143042
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454714
reference_id 2454714
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454714
8
reference_url https://github.com/sudo-project/sudo/commit/3e474c2f201484be83d994ae10a4e20e8c81bb69
reference_id 3e474c2f201484be83d994ae10a4e20e8c81bb69
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-03T13:14:52Z/
url https://github.com/sudo-project/sudo/commit/3e474c2f201484be83d994ae10a4e20e8c81bb69
9
reference_url https://www.qualys.com/2026/03/10/crack-armor.txt
reference_id crack-armor.txt
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-03T13:14:52Z/
url https://www.qualys.com/2026/03/10/crack-armor.txt
fixed_packages
0
url pkg:deb/debian/sudo@1.9.17p2-5
purl pkg:deb/debian/sudo@1.9.17p2-5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sudo@1.9.17p2-5
aliases CVE-2026-35535
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pwmy-f5qe-s3d1
Fixing_vulnerabilities
0
url VCID-3hfe-p6e3-tbe9
vulnerability_id VCID-3hfe-p6e3-tbe9
summary Multiple vulnerabilities have been found in sudo, the worst of which can result in root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28487.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28487.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28487
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.29098
published_at 2026-04-02T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.333
published_at 2026-04-07T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33344
published_at 2026-04-08T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.33378
published_at 2026-04-09T12:55:00Z
4
value 0.00136
scoring_system epss
scoring_elements 0.33381
published_at 2026-04-11T12:55:00Z
5
value 0.00136
scoring_system epss
scoring_elements 0.33339
published_at 2026-04-12T12:55:00Z
6
value 0.00136
scoring_system epss
scoring_elements 0.33316
published_at 2026-04-13T12:55:00Z
7
value 0.00136
scoring_system epss
scoring_elements 0.33356
published_at 2026-04-16T12:55:00Z
8
value 0.00136
scoring_system epss
scoring_elements 0.33332
published_at 2026-04-18T12:55:00Z
9
value 0.00136
scoring_system epss
scoring_elements 0.33297
published_at 2026-04-21T12:55:00Z
10
value 0.00136
scoring_system epss
scoring_elements 0.33462
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28487
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28487
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28487
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179273
reference_id 2179273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179273
5
reference_url https://security.gentoo.org/glsa/202309-12
reference_id GLSA-202309-12
reference_type
scores
url https://security.gentoo.org/glsa/202309-12
6
reference_url https://access.redhat.com/errata/RHSA-2024:0811
reference_id RHSA-2024:0811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0811
7
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
8
reference_url https://usn.ubuntu.com/6005-1/
reference_id USN-6005-1
reference_type
scores
url https://usn.ubuntu.com/6005-1/
9
reference_url https://usn.ubuntu.com/6005-2/
reference_id USN-6005-2
reference_type
scores
url https://usn.ubuntu.com/6005-2/
fixed_packages
0
url pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
purl pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-m9xh-9ac2-eycq
1
vulnerability VCID-pwmy-f5qe-s3d1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sudo@1.9.13p3-1%252Bdeb12u3
aliases CVE-2023-28487
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3hfe-p6e3-tbe9
1
url VCID-e9ra-cfnz-m3hg
vulnerability_id VCID-e9ra-cfnz-m3hg
summary A vulnerability has been discovered in sudo which could result in denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43995.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43995.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43995
reference_id
reference_type
scores
0
value 0.00084
scoring_system epss
scoring_elements 0.24561
published_at 2026-04-04T12:55:00Z
1
value 0.00084
scoring_system epss
scoring_elements 0.24526
published_at 2026-04-02T12:55:00Z
2
value 0.00084
scoring_system epss
scoring_elements 0.24456
published_at 2026-04-09T12:55:00Z
3
value 0.00084
scoring_system epss
scoring_elements 0.24412
published_at 2026-04-08T12:55:00Z
4
value 0.00084
scoring_system epss
scoring_elements 0.24343
published_at 2026-04-07T12:55:00Z
5
value 0.00095
scoring_system epss
scoring_elements 0.26253
published_at 2026-04-21T12:55:00Z
6
value 0.00095
scoring_system epss
scoring_elements 0.26411
published_at 2026-04-11T12:55:00Z
7
value 0.00095
scoring_system epss
scoring_elements 0.26365
published_at 2026-04-12T12:55:00Z
8
value 0.00095
scoring_system epss
scoring_elements 0.26306
published_at 2026-04-13T12:55:00Z
9
value 0.00095
scoring_system epss
scoring_elements 0.26316
published_at 2026-04-16T12:55:00Z
10
value 0.00095
scoring_system epss
scoring_elements 0.26289
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43995
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43995
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43995
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2139911
reference_id 2139911
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-05T13:44:44Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2139911
5
reference_url https://www.sudo.ws/security/advisories/
reference_id advisories
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-05T13:44:44Z/
url https://www.sudo.ws/security/advisories/
6
reference_url https://github.com/sudo-project/sudo/commit/bd209b9f16fcd1270c13db27ae3329c677d48050
reference_id bd209b9f16fcd1270c13db27ae3329c677d48050
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-05T13:44:44Z/
url https://github.com/sudo-project/sudo/commit/bd209b9f16fcd1270c13db27ae3329c677d48050
7
reference_url https://security.gentoo.org/glsa/202211-08
reference_id GLSA-202211-08
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-05T13:44:44Z/
url https://security.gentoo.org/glsa/202211-08
8
reference_url https://news.ycombinator.com/item?id=33465707
reference_id item?id=33465707
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-05T13:44:44Z/
url https://news.ycombinator.com/item?id=33465707
fixed_packages
0
url pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
purl pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-m9xh-9ac2-eycq
1
vulnerability VCID-pwmy-f5qe-s3d1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sudo@1.9.13p3-1%252Bdeb12u3
aliases CVE-2022-43995
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e9ra-cfnz-m3hg
2
url VCID-ethj-8jmj-5fdh
vulnerability_id VCID-ethj-8jmj-5fdh
summary Multiple vulnerabilities have been found in sudo, the worst of which can result in root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28486.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28486.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28486
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.29098
published_at 2026-04-02T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.333
published_at 2026-04-07T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33344
published_at 2026-04-08T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.33378
published_at 2026-04-09T12:55:00Z
4
value 0.00136
scoring_system epss
scoring_elements 0.33381
published_at 2026-04-11T12:55:00Z
5
value 0.00136
scoring_system epss
scoring_elements 0.33339
published_at 2026-04-12T12:55:00Z
6
value 0.00136
scoring_system epss
scoring_elements 0.33316
published_at 2026-04-13T12:55:00Z
7
value 0.00136
scoring_system epss
scoring_elements 0.33356
published_at 2026-04-16T12:55:00Z
8
value 0.00136
scoring_system epss
scoring_elements 0.33332
published_at 2026-04-18T12:55:00Z
9
value 0.00136
scoring_system epss
scoring_elements 0.33297
published_at 2026-04-21T12:55:00Z
10
value 0.00136
scoring_system epss
scoring_elements 0.33462
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28486
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28486
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28486
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179272
reference_id 2179272
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179272
5
reference_url https://security.gentoo.org/glsa/202309-12
reference_id GLSA-202309-12
reference_type
scores
url https://security.gentoo.org/glsa/202309-12
6
reference_url https://access.redhat.com/errata/RHSA-2024:0811
reference_id RHSA-2024:0811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0811
7
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
8
reference_url https://usn.ubuntu.com/6005-1/
reference_id USN-6005-1
reference_type
scores
url https://usn.ubuntu.com/6005-1/
9
reference_url https://usn.ubuntu.com/6005-2/
reference_id USN-6005-2
reference_type
scores
url https://usn.ubuntu.com/6005-2/
fixed_packages
0
url pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
purl pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-m9xh-9ac2-eycq
1
vulnerability VCID-pwmy-f5qe-s3d1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sudo@1.9.13p3-1%252Bdeb12u3
aliases CVE-2023-28486
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ethj-8jmj-5fdh
3
url VCID-ngg5-bqw7-bbc4
vulnerability_id VCID-ngg5-bqw7-bbc4
summary Multiple vulnerabilities have been discovered in sudo, the worst of which could result in privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32462.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32462.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32462
reference_id
reference_type
scores
0
value 0.21724
scoring_system epss
scoring_elements 0.95759
published_at 2026-04-21T12:55:00Z
1
value 0.21724
scoring_system epss
scoring_elements 0.95716
published_at 2026-04-02T12:55:00Z
2
value 0.21724
scoring_system epss
scoring_elements 0.95723
published_at 2026-04-04T12:55:00Z
3
value 0.21724
scoring_system epss
scoring_elements 0.95727
published_at 2026-04-07T12:55:00Z
4
value 0.21724
scoring_system epss
scoring_elements 0.95735
published_at 2026-04-08T12:55:00Z
5
value 0.21724
scoring_system epss
scoring_elements 0.95739
published_at 2026-04-09T12:55:00Z
6
value 0.21724
scoring_system epss
scoring_elements 0.95743
published_at 2026-04-11T12:55:00Z
7
value 0.21724
scoring_system epss
scoring_elements 0.95742
published_at 2026-04-12T12:55:00Z
8
value 0.21724
scoring_system epss
scoring_elements 0.95744
published_at 2026-04-13T12:55:00Z
9
value 0.21724
scoring_system epss
scoring_elements 0.95754
published_at 2026-04-16T12:55:00Z
10
value 0.21724
scoring_system epss
scoring_elements 0.95757
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32462
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32462
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.openwall.com/lists/oss-security/2025/06/30/2
reference_id 2
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://www.openwall.com/lists/oss-security/2025/06/30/2
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2374692
reference_id 2374692
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2374692
6
reference_url https://www.sudo.ws/security/advisories/
reference_id advisories
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://www.sudo.ws/security/advisories/
7
reference_url https://www.sudo.ws/releases/changelog/
reference_id changelog
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://www.sudo.ws/releases/changelog/
8
reference_url https://access.redhat.com/security/cve/cve-2025-32462
reference_id cve-2025-32462
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://access.redhat.com/security/cve/cve-2025-32462
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52354.txt
reference_id CVE-2025-32462
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52354.txt
10
reference_url https://security-tracker.debian.org/tracker/CVE-2025-32462
reference_id CVE-2025-32462
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://security-tracker.debian.org/tracker/CVE-2025-32462
11
reference_url https://explore.alas.aws.amazon.com/CVE-2025-32462.html
reference_id CVE-2025-32462.html
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://explore.alas.aws.amazon.com/CVE-2025-32462.html
12
reference_url https://www.suse.com/security/cve/CVE-2025-32462.html
reference_id CVE-2025-32462.html
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://www.suse.com/security/cve/CVE-2025-32462.html
13
reference_url https://security.gentoo.org/glsa/202507-01
reference_id GLSA-202507-01
reference_type
scores
url https://security.gentoo.org/glsa/202507-01
14
reference_url https://www.sudo.ws/security/advisories/host_any/
reference_id host_any
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://www.sudo.ws/security/advisories/host_any/
15
reference_url https://lists.debian.org/debian-security-announce/2025/msg00118.html
reference_id msg00118.html
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://lists.debian.org/debian-security-announce/2025/msg00118.html
16
reference_url https://access.redhat.com/errata/RHSA-2025:10110
reference_id RHSA-2025:10110
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10110
17
reference_url https://access.redhat.com/errata/RHSA-2025:10383
reference_id RHSA-2025:10383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10383
18
reference_url https://access.redhat.com/errata/RHSA-2025:10518
reference_id RHSA-2025:10518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10518
19
reference_url https://access.redhat.com/errata/RHSA-2025:10520
reference_id RHSA-2025:10520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10520
20
reference_url https://access.redhat.com/errata/RHSA-2025:10707
reference_id RHSA-2025:10707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10707
21
reference_url https://access.redhat.com/errata/RHSA-2025:10767
reference_id RHSA-2025:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10767
22
reference_url https://access.redhat.com/errata/RHSA-2025:10771
reference_id RHSA-2025:10771
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10771
23
reference_url https://access.redhat.com/errata/RHSA-2025:10779
reference_id RHSA-2025:10779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10779
24
reference_url https://access.redhat.com/errata/RHSA-2025:10781
reference_id RHSA-2025:10781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10781
25
reference_url https://access.redhat.com/errata/RHSA-2025:10835
reference_id RHSA-2025:10835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10835
26
reference_url https://access.redhat.com/errata/RHSA-2025:10836
reference_id RHSA-2025:10836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10836
27
reference_url https://access.redhat.com/errata/RHSA-2025:10871
reference_id RHSA-2025:10871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10871
28
reference_url https://access.redhat.com/errata/RHSA-2025:11537
reference_id RHSA-2025:11537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11537
29
reference_url https://access.redhat.com/errata/RHSA-2025:12323
reference_id RHSA-2025:12323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12323
30
reference_url https://access.redhat.com/errata/RHSA-2025:12370
reference_id RHSA-2025:12370
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12370
31
reference_url https://access.redhat.com/errata/RHSA-2025:12437
reference_id RHSA-2025:12437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12437
32
reference_url https://access.redhat.com/errata/RHSA-2025:13289
reference_id RHSA-2025:13289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13289
33
reference_url https://access.redhat.com/errata/RHSA-2025:15672
reference_id RHSA-2025:15672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15672
34
reference_url https://access.redhat.com/errata/RHSA-2025:9978
reference_id RHSA-2025:9978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9978
35
reference_url https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32462
reference_id show_bug.cgi?id=CVE-2025-32462
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32462
36
reference_url https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/
reference_id sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/
37
reference_url https://ubuntu.com/security/notices/USN-7604-1
reference_id USN-7604-1
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://ubuntu.com/security/notices/USN-7604-1
38
reference_url https://usn.ubuntu.com/7604-1/
reference_id USN-7604-1
reference_type
scores
url https://usn.ubuntu.com/7604-1/
39
reference_url https://usn.ubuntu.com/7604-2/
reference_id USN-7604-2
reference_type
scores
url https://usn.ubuntu.com/7604-2/
40
reference_url https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
reference_id vulnerability-alert-CVE-2025-32462-sudo-host
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-01T13:25:34Z/
url https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
fixed_packages
0
url pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
purl pkg:deb/debian/sudo@1.9.13p3-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-m9xh-9ac2-eycq
1
vulnerability VCID-pwmy-f5qe-s3d1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sudo@1.9.13p3-1%252Bdeb12u3
aliases CVE-2025-32462
risk_score 10.0
exploitability 2.0
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngg5-bqw7-bbc4
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/sudo@1.9.13p3-1%252Bdeb12u3