Known Vulnerabilities for Sudo by Sudo Project

Listed below are 10 of the newest known vulnerabilities associated with "Sudo" by "Sudo Project".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-34397	Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 an...	Not Provided	2026-04-01	2026-04-01
CVE-2026-33765	Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application...	Not Provided	2026-03-27	2026-04-01
CVE-2021-23240	selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalat...	7.8 - HIGH	2021-01-12	2023-11-07
CVE-2021-23239	The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence te...	2.5 - LOW	2021-01-12	2023-11-07
CVE-2021-3156	Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege esca...	7.8 - HIGH	2021-01-26	2024-02-04
CVE-2019-18684	DISPUTED Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of t...	7 - HIGH	2019-11-04	2023-11-07
CVE-2019-18634	In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privi...	7.8 - HIGH	2020-01-29	2023-11-07
CVE-2019-14287	In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session...	8.8 - HIGH	2019-10-17	2023-11-07
CVE-2017-1000368	Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_t...	8.2 - HIGH	2017-06-05	2019-05-29
CVE-2017-1000367	Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyna...	6.4 - MEDIUM	2017-06-05	2023-11-07

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Sudo Project	Sudo	1.9.5	-	All	All
Application	Sudo Project	Sudo	1.9.5	p1	All	All
Application	Sudo Project	Sudo	1.9.5	p2	All	All
Application	Sudo Project	Sudo	1.9.4	-	All	All
Application	Sudo Project	Sudo	1.9.4	p1	All	All
Application	Sudo Project	Sudo	1.9.4	p2	All	All
Application	Sudo Project	Sudo	1.9.3	-	All	All
Application	Sudo Project	Sudo	1.9.3	p1	All	All
Application	Sudo Project	Sudo	1.9.2	All	All	All
Application	Sudo Project	Sudo	1.9.1	All	All	All
Application	Sudo Project	Sudo	1.9.0	All	All	All
Application	Sudo Project	Sudo	1.8.9	All	All	All
Application	Sudo Project	Sudo	1.8.9	-	All	All
Application	Sudo Project	Sudo	1.8.9	p1	All	All
Application	Sudo Project	Sudo	1.8.9	p2	All	All
Application	Sudo Project	Sudo	1.8.9	p3	All	All
Application	Sudo Project	Sudo	1.8.9	p4	All	All
Application	Sudo Project	Sudo	1.8.9	p5	All	All
Application	Sudo Project	Sudo	1.8.8	All	All	All
Application	Sudo Project	Sudo	1.8.7	All	All	All

Results limited to 20 most recent known configurations