Vulnerabilities > Opendoas Project

DATE CVE VULNERABILITY TITLE RISK
2023-03-14 CVE-2023-28339 Unspecified vulnerability in Opendoas Project Opendoas
OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session.
network
low complexity
opendoas-project
8.8
2021-01-28 CVE-2019-25016 Missing Initialization of Resource vulnerability in Opendoas Project Opendoas 6.6/6.6.1/6.8
In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command.
network
low complexity
opendoas-project CWE-909
8.8