Vendor
Shadow Project
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12424 | Cri | 0.64 | 9.8 | 0.03 | Aug 4, 2017 | In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege… | ||
| CVE-2016-6252 | Hig | 0.51 | 7.8 | 0.00 | Feb 17, 2017 | Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. | ||
| CVE-2023-4641 | 0.00 | — | 0.00 | Dec 27, 2023 | A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve… |
- risk 0.64cvss 9.8epss 0.03
In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege…
- risk 0.51cvss 7.8epss 0.00
Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.
- CVE-2023-4641Dec 27, 2023risk 0.00cvss —epss 0.00
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve…