CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.297

EPSS Ranking 96.5%

CVSS Severity

CVSS v3 Score 9.3

References

Products affected by CVE-2025-32463

Sudo Project » Sudo » Version: 1.9.14

cpe:2.3:a:sudo_project:sudo:1.9.14
Sudo Project » Sudo » Version: 1.9.15

cpe:2.3:a:sudo_project:sudo:1.9.15
Sudo Project » Sudo » Version: 1.9.17

cpe:2.3:a:sudo_project:sudo:1.9.17
Canonical » Ubuntu Linux » Version: 22.04

cpe:2.3:o:canonical:ubuntu_linux:22.04
Canonical » Ubuntu Linux » Version: 24.04

cpe:2.3:o:canonical:ubuntu_linux:24.04
Canonical » Ubuntu Linux » Version: 24.10

cpe:2.3:o:canonical:ubuntu_linux:24.10
Canonical » Ubuntu Linux » Version: 25.04

cpe:2.3:o:canonical:ubuntu_linux:25.04
Debian » Debian Linux » Version: 11.0

cpe:2.3:o:debian:debian_linux:11.0
Debian » Debian Linux » Version: 12.0

cpe:2.3:o:debian:debian_linux:12.0
Debian » Debian Linux » Version: 13.0

cpe:2.3:o:debian:debian_linux:13.0
Opensuse » Leap » Version: 15.6

cpe:2.3:o:opensuse:leap:15.6
Redhat » Enterprise Linux » Version: 10.0

cpe:2.3:o:redhat:enterprise_linux:10.0
Suse » Linux Enterprise Desktop » Version: 15

cpe:2.3:o:suse:linux_enterprise_desktop:15
Suse » Linux Enterprise Real Time » Version: 15.0

cpe:2.3:o:suse:linux_enterprise_real_time:15.0
Suse » Linux Enterprise Server For Sap » Version: 12

cpe:2.3:o:suse:linux_enterprise_server_for_sap:12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-32463

Products

Pricing

Contact Us