CVE-2025-46717: sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders

May 13, 2025

Users with no (or very limited) sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list <pathname>.

References

github.com/advisories/GHSA-98cv-wqjx-wx8f
github.com/trifectatechfoundation/sudo-rs
github.com/trifectatechfoundation/sudo-rs/releases/tag/v0.2.6
github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-98cv-wqjx-wx8f
nvd.nist.gov/vuln/detail/CVE-2025-46717

Code Behaviors & Features

Detect and mitigate CVE-2025-46717 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →