{"id":"CVE-2019-15900","details":"An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The result was that, instead of reporting that the supplied username or group name did not exist, it would execute the command as root.","modified":"2026-04-11T14:11:03.509562Z","published":"2019-10-18T16:15:10.257Z","references":[{"type":"ADVISORY","url":"https://github.com/slicer69/doas/compare/6.1p1...6.2"},{"type":"FIX","url":"https://github.com/slicer69/doas/commit/2f83222829448e5bc4c9391d607ec265a1e06531"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/slicer69/doas","events":[{"introduced":"0"},{"fixed":"1c2858c681935a040cd2313e599b05a5dd40be95"},{"fixed":"2f83222829448e5bc4c9391d607ec265a1e06531"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"6.2"}]}}],"versions":["6.0-1","6.0p0","6.0p1","6.0p2","6.0p3","6.0p4","6.1","6.1p1","v5.9","v5.9-1","v5.9-2","v5.9-3","v5.9-4","v5.9-5","v5.9-6","v5.9-7","v6.0-0","v6.0p0"],"database_specific":{"vanir_signatures_modified":"2026-04-11T14:11:03Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15900.json","vanir_signatures":[{"id":"CVE-2019-15900-3ae2e939","deprecated":false,"target":{"file":"doas.c","function":"parsegid"},"signature_version":"v1","source":"https://github.com/slicer69/doas/commit/2f83222829448e5bc4c9391d607ec265a1e06531","signature_type":"Function","digest":{"function_hash":"266296991134810920258128410524703637520","length":370}},{"id":"CVE-2019-15900-3cf81281","deprecated":false,"target":{"file":"doas.c"},"signature_version":"v1","source":"https://github.com/slicer69/doas/commit/1c2858c681935a040cd2313e599b05a5dd40be95","signature_type":"Line","digest":{"line_hashes":["250914823833810285293079482049952578704","197294044844770712924012022004621264890","108109185316000985971082201321404095927","145314675076227705290369440686879783501","16671832619480168456010660477214813248","69338107946595217041686593973829267182","54836897644525216480907834479467472268","111237984087887477869239362980147307270","94033025074033857471827013339216874682","332476682146955054843645613893299984583","89421335575987988360587538432624857334","333062873912320297316320785928971070219"],"threshold":0.9}},{"id":"CVE-2019-15900-68bce56d","deprecated":false,"target":{"file":"execvpe.c"},"signature_version":"v1","source":"https://github.com/slicer69/doas/commit/1c2858c681935a040cd2313e599b05a5dd40be95","signature_type":"Line","digest":{"line_hashes":["77395771208282268693997227990409505562","211361197346725683365328174351071453735","112781367654528564918063634607454395652","95301899913539240870913893487146184124"],"threshold":0.9}},{"id":"CVE-2019-15900-a16f009a","deprecated":false,"target":{"file":"doas.c"},"signature_version":"v1","source":"https://github.com/slicer69/doas/commit/2f83222829448e5bc4c9391d607ec265a1e06531","signature_type":"Line","digest":{"line_hashes":["161436026717749394231187615494824062368","240990572477761158021740583364541491731","9629622666929093245658212775283599446","259423222634234242547647147230636170811","38735327664398550148731219402092184649","248298967798001791048825694738597410051","206335043750931323256391529073543522128","90327457158411487663584959385201418031","205948000800797245708663078642176838629","116853932474837646133580066077067177836","77598910437713689299743859517413341517","301956741432154126966077242761324880287","262746729953958696488059471402592917600","6005761227142916895009965049942594972","154289742668512170089586279602942840782","30212061962853294714546223078066022174","302597760226101407388597236378922561592","219517769209492200907224748183746709298","221038129423982250277593961285383747514","167933244709772291290733260137162877605","214737444738495099761361442236329520413","116853932474837646133580066077067177836","77598910437713689299743859517413341517","301956741432154126966077242761324880287"],"threshold":0.9}},{"id":"CVE-2019-15900-b22417ee","deprecated":false,"target":{"file":"execvpe.c","function":"execvpe"},"signature_version":"v1","source":"https://github.com/slicer69/doas/commit/1c2858c681935a040cd2313e599b05a5dd40be95","signature_type":"Function","digest":{"function_hash":"260128427067475575999234089115858697183","length":1884}},{"id":"CVE-2019-15900-d97bc421","deprecated":false,"target":{"file":"doas.c","function":"main"},"signature_version":"v1","source":"https://github.com/slicer69/doas/commit/1c2858c681935a040cd2313e599b05a5dd40be95","signature_type":"Function","digest":{"function_hash":"1093068236214784544660255800299605419","length":5831}},{"id":"CVE-2019-15900-dedc7342","deprecated":false,"target":{"file":"doas.c","function":"parseuid"},"signature_version":"v1","source":"https://github.com/slicer69/doas/commit/2f83222829448e5bc4c9391d607ec265a1e06531","signature_type":"Function","digest":{"function_hash":"8583189512477610533521138920454968142","length":370}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}