4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
0.003 Low
EPSS
Percentile
69.1%
A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.
[
{
"product": "open build service",
"vendor": "SUSE",
"versions": [
{
"lessThanOrEqual": "2.1.15",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "2.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]