This page lists publicly disclosed CVE vulnerabilities affecting sas base (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2002-2018 | sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault. | [email protected] | 7.2 | 0.06% | 2002-12-31 | 2026-04-16 |
| CVE-2002-2017 | sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd. | [email protected] | 10.0 | 1.01% | 2002-12-31 | 2026-04-16 |