Opensuse Osc vulnerabilities
2 known vulnerabilities affecting opensuse/osc.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-3681CRITICALCVSS 9.8fixed in 0.169.1-3.20.1fixed in 0.162.1-15.9.1+2 more2020-06-29
CVE-2019-3681 [HIGH] CWE-73 CVE-2019-3681: A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Dev
A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files.
nvd
CVE-2012-1095MEDIUMCVSS 4.3≤ 0.1332014-02-06
CVE-2012-1095 [MEDIUM] CWE-264 CVE-2012-1095: osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitra
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator.
nvd