Search for packages
| purl | pkg:alpm/archlinux/sudo@1.9.4.p2-2 |
| Next non-vulnerable version | 1.9.5.p1-1 |
| Latest non-vulnerable version | 1.9.5.p2-1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6dre-2n2j-aaaj
Aliases: CVE-2021-23239 |
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. |
Affected by 0 other vulnerabilities. |
|
VCID-ce8c-ym9j-aaaq
Aliases: CVE-2021-3156 |
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. |
Affected by 0 other vulnerabilities. |
|
VCID-y8jn-eyp3-aaar
Aliases: CVE-2021-23240 |
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:45:44.783071+00:00 | Arch Linux Importer | Affected by | VCID-y8jn-eyp3-aaar | https://security.archlinux.org/AVG-1432 | 36.0.0 |
| 2025-03-28T07:44:13.878861+00:00 | Arch Linux Importer | Affected by | VCID-6dre-2n2j-aaaj | https://security.archlinux.org/AVG-1431 | 36.0.0 |
| 2025-03-28T07:44:13.846611+00:00 | Arch Linux Importer | Affected by | VCID-ce8c-ym9j-aaaq | https://security.archlinux.org/AVG-1431 | 36.0.0 |
| 2024-12-17T23:20:34.804134+00:00 | Arch Linux Importer | Affected by | VCID-6dre-2n2j-aaaj | https://security.archlinux.org/AVG-1431 | 35.0.0 |
| 2024-12-17T23:20:34.350573+00:00 | Arch Linux Importer | Affected by | VCID-ce8c-ym9j-aaaq | https://security.archlinux.org/AVG-1431 | 35.0.0 |
| 2024-09-18T02:00:45.405191+00:00 | Arch Linux Importer | Affected by | VCID-y8jn-eyp3-aaar | https://security.archlinux.org/AVG-1432 | 34.0.1 |
| 2024-09-18T01:59:20.226541+00:00 | Arch Linux Importer | Affected by | VCID-6dre-2n2j-aaaj | https://security.archlinux.org/AVG-1431 | 34.0.1 |
| 2024-09-18T01:59:20.198468+00:00 | Arch Linux Importer | Affected by | VCID-ce8c-ym9j-aaaq | https://security.archlinux.org/AVG-1431 | 34.0.1 |
| 2024-01-10T10:23:56.380153+00:00 | Arch Linux Importer | Affected by | VCID-6dre-2n2j-aaaj | https://security.archlinux.org/AVG-1431 | 34.0.0rc2 |
| 2024-01-10T10:23:56.358800+00:00 | Arch Linux Importer | Affected by | VCID-ce8c-ym9j-aaaq | https://security.archlinux.org/AVG-1431 | 34.0.0rc2 |
| 2024-01-03T22:27:03.538976+00:00 | Arch Linux Importer | Affected by | VCID-y8jn-eyp3-aaar | https://security.archlinux.org/AVG-1432 | 34.0.0rc1 |
| 2024-01-03T22:25:38.098503+00:00 | Arch Linux Importer | Affected by | VCID-6dre-2n2j-aaaj | https://security.archlinux.org/AVG-1431 | 34.0.0rc1 |
| 2024-01-03T22:25:38.072042+00:00 | Arch Linux Importer | Affected by | VCID-ce8c-ym9j-aaaq | https://security.archlinux.org/AVG-1431 | 34.0.0rc1 |