Lucene search
K

229 matches found

UbuntuCve
UbuntuCve
added 2021/02/11 3:15 p.m.23 views

CVE-2020-8031

A Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prio...

6.3CVSS6.2AI score0.00748EPSS
Exploits1References2
CVE
CVE
added 2021/02/11 3:10 p.m.56 views

CVE-2020-8031

CVE-2020-8031 affects Open Build Service, with versions prior to 2.10.8 vulnerable to a Cross-site Scripting issue where remote attackers can store JavaScript in markdown that is not properly escaped, impacting confidentiality and integrity. The vulnerability is tied to improper input neutralizat...

6.3CVSS5.7AI score0.00748EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2021/02/11 3:10 p.m.21 views

CVE-2020-8031

A Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prio...

6.3CVSS6AI score0.00748EPSS
Exploits1
Cvelist
Cvelist
added 2021/02/11 3:10 p.m.29 views

CVE-2020-8031 obs: Stored XSS

A Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prio...

6.3CVSS6.3AI score0.00748EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/02/11 12:0 a.m.7 views

Open Build Service 跨站脚本漏洞

Open Build Service OBS is a general-purpose system for building and distributing packages from source code in an automated, consistent, and repeatable manner, organized by the Open Build Service. A cross-site scripting vulnerability exists in Open Build Service that stems from a lack of proper...

6.3CVSS6.1AI score0.00748EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/02/04 12:0 a.m.17 views

Debian: Security Advisory (DLA-2545-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.1AI score0.01267EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.28 views

Debian DLA-2545-1 : open-build-service security update

CVE-2020-8020 An improper neutralization of input during web page generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. CVE-2020-8021 An improper access control vulnerability in open-build-service allows remote attackers to read files of a...

6.5CVSS5.9AI score0.01267EPSS
Exploits1References5
Debian
Debian
added 2021/02/03 12:30 p.m.46 views

[SECURITY] [DLA 2545-1] open-build-service security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2545-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 03, 2021 https://wiki.debian.org/LTS -...

6.5CVSS6.4AI score0.01267EPSS
Exploits1
NVD
NVD
added 2020/09/01 12:15 p.m.21 views

CVE-2018-12475

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

6.5CVSS6.3AI score0.0061EPSS
Exploits0References1
OSV
OSV
added 2020/09/01 12:15 p.m.2 views

CVE-2018-12475

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

5.4CVSS5.8AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/09/01 12:15 p.m.34 views

CVE-2018-12475

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

6.5CVSS6.1AI score0.0061EPSS
Exploits0References2
Prion
Prion
added 2020/09/01 12:15 p.m.21 views

Design/Logic Flaw

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

5.5CVSS5.3AI score0.0061EPSS
Exploits0References1
OSV
OSV
added 2020/09/01 12:15 p.m.6 views

UBUNTU-CVE-2018-12475

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

6.5CVSS5.8AI score0.0061EPSS
Exploits0References3
CVE
CVE
added 2020/09/01 11:55 a.m.59 views

CVE-2018-12475

The CVE-2018-12475 entry concerns an Externally Controlled Reference to a Resource in Another Sphere in openSUSE Open Build Service’s obs-service-download_files component. The vulnerability allows authenticated users to generate HTTP requests targeting internal networks, potentially leading to da...

6.5CVSS5.5AI score0.0061EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/05/20 12:0 a.m.4 views

Open Build Service Access Control Error Vulnerability

Open Build Service OBS is a general purpose system for building and distributing software packages from source code in an automated, consistent and repeatable manner. An Access Control Error vulnerability exists in OBS versions prior to 2.10.5. A remote attacker could exploit this vulnerability t...

5.3CVSS7AI score0.01267EPSS
Exploits1References1
OSV
OSV
added 2020/05/19 3:15 p.m.23 views

CVE-2020-8021

a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...

5.3CVSS6.6AI score
Exploits0References2
NVD
NVD
added 2020/05/19 3:15 p.m.19 views

CVE-2020-8021

a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...

5.3CVSS5.3AI score0.01267EPSS
Exploits1References2
OSV
OSV
added 2020/05/19 3:15 p.m.4 views

DEBIAN-CVE-2020-8021

a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...

5.3CVSS5.7AI score0.01267EPSS
Exploits1References1
Prion
Prion
added 2020/05/19 3:15 p.m.16 views

Improper access control

a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...

4.3CVSS5.2AI score0.01267EPSS
Exploits1References2Affected Software2
UbuntuCve
UbuntuCve
added 2020/05/19 3:15 p.m.21 views

CVE-2020-8021

a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...

5.3CVSS6.1AI score0.01267EPSS
Exploits1References2
Rows per page
Query Builder