VYPR

doas

by Slicer69

CVEs (2)

  • CVE-2019-15901HigOct 18, 2019
    risk 0.00cvss 8.8epss 0.03

    An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. A setusercontext(3) call with flags to change the UID, primary GID, and secondary GIDs was replaced (on certain platforms: Linux and possibly NetBSD) with a single setuid(2) call. This…

  • CVE-2019-15900CriOct 18, 2019
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if…