Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise....
7.5CVSS
7.7AI Score
0.002EPSS
obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api...
8.8CVSS
8.5AI Score
0.001EPSS