Vulnerabilities > Shadow Project > Shadow > 4.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-04 | CVE-2017-12424 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. | 7.5 |
| 2017-02-17 | CVE-2016-6252 | Integer Overflow or Wraparound vulnerability in Shadow Project Shadow 4.2.1 Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. | 4.6 |