VulnerableCode Package Details - pkg:deb/debian/sudo@1.9.16p2-3%2Bdeb13u1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/sudo@1.9.16p2-3%2Bdeb13u1

Essentials
History (6)

purl	pkg:deb/debian/sudo@1.9.16p2-3%2Bdeb13u1

Next non-vulnerable version	1.9.17p2-5
Latest non-vulnerable version	1.9.17p2-5
Risk	3.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-pwmy-f5qe-s3d1 Aliases: CVE-2026-35535	In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.	1.9.17p2-5 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-m9xh-9ac2-eycq	A vulnerability has been discovered in sudo which can lead to execution manipulation through rowhammer-style memory manipulation.	CVE-2023-42465

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:41:32.802421+00:00	Debian Importer	Affected by	VCID-pwmy-f5qe-s3d1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:51:27.442478+00:00	Debian Importer	Fixing	VCID-m9xh-9ac2-eycq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:13:58.611969+00:00	Debian Importer	Affected by	VCID-pwmy-f5qe-s3d1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:56:56.568228+00:00	Debian Importer	Fixing	VCID-m9xh-9ac2-eycq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T18:48:17.398904+00:00	Debian Importer	Affected by	VCID-pwmy-f5qe-s3d1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-07T05:58:38.721581+00:00	Debian Importer	Fixing	VCID-m9xh-9ac2-eycq	https://security-tracker.debian.org/tracker/data/json	38.1.0