Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2021-01-11 sudo -- Potential information leak in sudoedit
2020-01-30 sudo -- Potential bypass of Runas user restrictions
2019-10-24 sudo -- Potential bypass of Runas user restrictions
2016-10-28 sudo -- Potential bypass of via wordexp()
2016-01-26 sudo -- potential privilege escalation via symlink misconfiguration
2013-03-01 sudo -- Authentication bypass when clock is reset
sudo -- Potential bypass of tty_tickets constraints
2012-05-16 sudo -- netmask vulnerability
2012-01-30 sudo -- format string vulnerability
2011-01-13 sudo -- local privilege escalation
2010-09-07 sudo -- Flaw in Runas group matching
2010-06-02 sudo -- Secure path vulnerability
2010-04-15 sudo -- Privilege escalation with sudoedit
2010-03-01 sudo -- Privilege escalation with sudoedit
2009-02-06 sudo -- certain authorized users could run commands as any user
2006-02-16 sudo -- arbitrary command execution
2005-06-20 sudo -- local race condition vulnerability
2005-01-21 sudo -- environmental variable CDPATH is not cleared
2004-11-13 sudo -- privilege escalation with bash scripts
2004-09-20 sudo -- sudoedit information disclosure