cvedb.io
CVE-2022-39245
HIGH · CVSS 8.4
EPSS exploitation probability: 0%
Published 2022-09-26T14:15:10.757 · Last modified 2026-06-17T04:57:59.307

Summary

Mist is the command-line interface for the makedeb Package Repository. Prior to version 0.9.5, a user-provided `sudo` binary via the `PATH` variable can allow a local user to run arbitrary commands on the user's system with root permissions. Versions 0.9.5 and later contain a patch. No known workarounds exist.

Affected products

makedeb — mist

Does this affect you?

Add your gear to cvedb and we'll alert you only when makedeb ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.