CVE-2015-0796 open build service source server symlink exploitation via source patch

🗓️ 02 Mar 2018 20:00:00Reported by microfocusType

CVE-2015-0796 open build service symlink exploitatio

Reporter	Title	Published	Views	Family All 7
CNVD	open build service denial of service vulnerability (CNVD-2018-05905)	6 Mar 201800:00	–	cnvd
CVE	CVE-2015-0796	2 Mar 201820:00	–	cve
Debian CVE	CVE-2015-0796	2 Mar 201820:00	–	debiancve
EUVD	EUVD-2015-0809	7 Oct 202500:30	–	euvd
NVD	CVE-2015-0796	2 Mar 201820:29	–	nvd
Prion	Open redirect	2 Mar 201820:29	–	prion
SUSE CVE	SUSE CVE-2015-0796	15 Feb 202305:22	–	susecve

[
  {
    "product": "open build service",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "2.6.3",
        "status": "affected",
        "version": "2.6",
        "versionType": "custom"
      },
      {
        "lessThan": "2.5.7",
        "status": "affected",
        "version": "2.5",
        "versionType": "custom"
      },
      {
        "lessThan": "2.4.8",
        "status": "affected",
        "version": "2.4",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.suse.com/show_bug.cgi
github	www.github.com/openSUSE/open-build-service/commit/474a3db19498765f0118ba3dbc0b1cc90b0097fc

06 Jan 2021 16:15Current

7.5High risk

Vulners AI Score7.5

CVSS 36.3

EPSS0.00156

CWE-434