Vulnerabilities > Shadow Project > Shadow > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-18 | CVE-2019-19882 | Incorrect Permission Assignment for Critical Resource vulnerability in Shadow Project Shadow 4.8 shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. | 7.8 |
| 2017-02-17 | CVE-2016-6252 | Integer Overflow or Wraparound vulnerability in Shadow Project Shadow 4.2.1 Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. | 7.8 |