Filters
openSUSE Open Build ServiceMultiple XXE vulnerabilities in OBS
First published (updated )
openSUSE Open Build Servicelogin-proxy sends password to attacker-provided domain
8.8
First published (updated )
openSUSE Open Build Serviceobs-service-download_files allows downloading from localhost or intranet hosts
6.5
First published (updated )
openSUSE Open Build Serviceunauthorized read access to files where sourceaccess is disabled via a crafted _service file in Open Build Service
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE Open Build ServicePersistent XSS in markdown parser used by obs-server
6.5
First published (updated )
openSUSE Open Build ServiceMissing TLS certificate validation for HTTPS connections in osc
7.7
First published (updated )
openSUSE Open Build Serviceobs-service-replace_using_package_version allows to specify arbitrary input files
6.5
First published (updated )
openSUSE Open Build ServiceRequest controller allows to create requests with arbitrary request IDs
7.5
First published (updated )
openSUSE Open Build Servicepath traversal in obs-service-tar_scm
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE Open Build Serviceopenbuildservice allowed deleting packages via project links
6.5
First published (updated )
openSUSE Open Build Servicedelete package via link exploit in open buildservice
6.5
First published (updated )
openSUSE Open Build Serviceopen build service allows anyone to upload rpms
9.8
First published (updated )
openSUSE Open Build Serviceopen build service information leak via unauthorized source access
7.5
First published (updated )
openSUSE Open Build ServiceNo write permission check in change_role command
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE Open Build ServiceOpen Build Service accepts arbitrary reviews
7.1
First published (updated )
openSUSE Open Build ServiceOpen Build Service arbitrary package modification
7.1
First published (updated )
openSUSE Open Build Serviceopenbuildservice webui code injection
8.8
First published (updated )
openSUSE Open Build Serviceopen-build-service retrigger / wipebinaries hitting the wrong project bypassing access permissions
6.5
First published (updated )
openSUSE Open Build ServiceOBS worker VM escape via relative symbolic links
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE Open Build ServiceCSRF protection incorrectly disabled
8.8
First published (updated )