Opensuse Openbuildservice vulnerabilities
3 known vulnerabilities affecting opensuse/openbuildservice.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2018-12467MEDIUMCVSS 6.5≥ unspecified, < 9.2.42018-08-01
CVE-2018-12467 [MEDIUM] CWE-285 CVE-2018-12467: Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious req
Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689.
cvelistv5nvd
CVE-2018-12466MEDIUMCVSS 6.5≥ unspecified, ≤ 2.9.42018-08-01
CVE-2018-12466 [MEDIUM] CWE-285 CVE-2018-12466: openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific pr
openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links.
cvelistv5nvd
CVE-2011-3178HIGHCVSS 8.8≥ unspecified, < 2.3.02018-03-20
CVE-2011-3178 [HIGH] CWE-78 CVE-2011-3178: In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes stat
In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode.
cvelistv5nvd