Known Vulnerabilities for products from Shadow Project
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Shadow Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-19882 | shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root... | 7.8 - HIGH | 2019-12-18 | 2020-08-25 |
| CVE-2018-7169 | An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in ... | 5.3 - MEDIUM | 2018-02-15 | 2019-10-03 |
| CVE-2017-12424 | In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the author... | 9.8 - CRITICAL | 2017-08-04 | 2021-03-23 |
| CVE-2016-6252 | Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. | 7.8 - HIGH | 2017-02-17 | 2017-11-04 |
Known software with vulnerabilities from Shadow Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Shadow Project | Shadow | 4.0.0 |