← back
CVE-2023-28486

CVE-2023-28486

EPSS 0.9%
Sudo before 1.9.13 does not escape control characters in log messages.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/sudo-project/sudo/commit/334daf92b31b79ce68ed75e2ee14fca265f029cahttps://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_13https://lists.debian.org/debian-lts-announce/2024/02/msg00002.htmlhttps://security.gentoo.org/glsa/202309-12https://security.netapp.com/advisory/ntap-20230420-0002/