Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689.
References
Configurations
History
21 Nov 2024, 03:45
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.5
v3 : 6.0 |
References | () https://bugzilla.suse.com/show_bug.cgi?id=1100217 - | |
References | () https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063 - |
07 Nov 2023, 02:52
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.suse.com/show_bug.cgi?id=1100217 - | |
References | () https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063 - |
Information
Published : 2018-08-01 15:29
Updated : 2024-11-21 03:45
NVD link : CVE-2018-12467
Mitre link : CVE-2018-12467
CVE.ORG link : CVE-2018-12467
JSON object : View
Products Affected
opensuse
- open_build_service