Vulnerabilities > Todd Miller > Sudo > 1.7.10p7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-11 | CVE-2014-0106 | Improper Input Validation vulnerability in multiple products Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable. | 6.6 |