Opendoas_project Opendoas
2 CVEs affecting Opendoas_project Opendoas. Latest disclosed: 2023-03-14. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28339 | High | 8.8 | 2023-03-14 | OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavai… |
CVE-2019-25016 | High | 8.8 | 2021-01-28 | In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execut… |