Vulnerabilities > Shadow Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-14	CVE-2023-29383	Injection vulnerability in Shadow Project Shadow 4.13 In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). local low complexity shadow-project CWE-74	3.3
2019-12-18	CVE-2019-19882	Incorrect Permission Assignment for Critical Resource vulnerability in Shadow Project Shadow 4.8 shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. local low complexity shadow-project CWE-732	7.8
2018-02-15	CVE-2018-7169	Incorrect Permission Assignment for Critical Resource vulnerability in Shadow Project Shadow 4.5 An issue was discovered in shadow 4.5. network low complexity shadow-project CWE-732	5.3
2017-08-04	CVE-2017-12424	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. network low complexity shadow-project debian CWE-119 critical	9.8
2017-02-17	CVE-2016-6252	Integer Overflow or Wraparound vulnerability in Shadow Project Shadow 4.2.1 Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. local low complexity shadow-project CWE-190	7.8

Vulnerabilities > Shadow Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Shadow Project"}]}