HIGH🇵🇱 Wersja polska

CVE-2011-4181

CVSS 7.5v3.1pub. 2018-06-11upd. 2024-11-21

A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Opensuse Open Build Service

    APP
    Opensuse
    2.1.0 – 2.1.16 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-21949HIGH8.8ten sam produkt

A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote...

CVE-2021-36777HIGH8.1ten sam produkt

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build s...

CVE-2019-3685HIGH7.4ten sam produkt

Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc...

CVE-2013-3703HIGH8.8ten sam produkt

The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allow...

CVE-2014-0594HIGH8.8ten sam produkt

In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web in...