Suse Open Build Service
5 CVEs affecting Suse Open Build Service. Latest disclosed: 2022-05-03. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-21949 | High | 8.8 | 2022-05-03 | A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote attackers to reference external entities in cert… |
CVE-2011-4181 | High | 7.5 | 2018-06-11 | A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE… |
CVE-2011-4183 | Medium | 6.5 | 2018-06-13 | A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. Affected releases are SUSE open build service prior to 2.1.16. |
CVE-2015-0796 | Medium | 6.3 | 2018-03-02 | In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlin… |
CVE-2017-9268 | Medium | 4.4 | 2018-03-01 | In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong project for permissions, allowing authenticated users to cause… |