Описание
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.
Ссылки
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00315
Низкий
3.5 Low
CVSS3
7.5 High
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-93
CWE-93
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.
EPSS
Процентиль: 54%
0.00315
Низкий
3.5 Low
CVSS3
7.5 High
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-93
CWE-93