Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-7688

Опубликовано: 07 июн. 2018
Источник: debian

Описание

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
open-build-servicefixed2.9.4-1package
open-build-serviceno-dsastretchpackage

Примечания

  • https://bugzilla.suse.com/show_bug.cgi?id=1094820

  • https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553

Связанные уязвимости

ubuntu логотип

CVE-2018-7688

CVSS3: 7.1
ubuntu
больше 7 лет назад

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.

nvd логотип

CVE-2018-7688

CVSS3: 7.1
nvd
больше 7 лет назад

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.

github логотип

GHSA-9fp2-98jv-g7j6

CVSS3: 6.5
github
больше 3 лет назад

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.