A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NOpensuse Open Build Service
APPOpensuse2.1.0 – 2.1.16 (bez)
Powiązane podatności
A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote...
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build s...
Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc...
The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allow...
In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web in...