Opendoas Project Opendoas — known CVE vulnerabilities
Every CVE whose affected-product data names Opendoas Project Opendoas, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-25016 — CVSS 8.8 (high): In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule…
CVE-2023-28339 — CVSS 8.8 (high): OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session…