{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.0.7-1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "10.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "16.04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "18.04" } ] } ] } } ], "details": "pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.", "id": "CVE-2019-16729", "modified": "2026-03-15T13:44:48.081961149Z", "published": "2019-09-24T05:15:11.283Z", "references": [ { "type": "ADVISORY", "url": "https://tracker.debian.org/news/1066790/accepted-pam-python-107-1-source-amd64-all-into-unstable/" }, { "type": "ADVISORY", "url": "https://usn.ubuntu.com/4552-1/" }, { "type": "ADVISORY", "url": "https://usn.ubuntu.com/4552-2/" }, { "type": "ADVISORY", "url": "https://www.debian.org/security/2019/dsa-4555" }, { "type": "ADVISORY", "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00020.html" }, { "type": "REPORT", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1150510#c1" }, { "type": "FIX", "url": "https://sourceforge.net/p/pam-python/code/ci/0247ab687b4347cc52859ca461fb0126dd7e2ebe/" } ], "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }