229 matches found
CVE-2020-8031
A Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prio...
CVE-2020-8031
CVE-2020-8031 affects Open Build Service, with versions prior to 2.10.8 vulnerable to a Cross-site Scripting issue where remote attackers can store JavaScript in markdown that is not properly escaped, impacting confidentiality and integrity. The vulnerability is tied to improper input neutralizat...
CVE-2020-8031
A Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prio...
CVE-2020-8031 obs: Stored XSS
A Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prio...
Open Build Service 跨站脚本漏洞
Open Build Service OBS is a general-purpose system for building and distributing packages from source code in an automated, consistent, and repeatable manner, organized by the Open Build Service. A cross-site scripting vulnerability exists in Open Build Service that stems from a lack of proper...
Debian: Security Advisory (DLA-2545-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2545-1 : open-build-service security update
CVE-2020-8020 An improper neutralization of input during web page generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. CVE-2020-8021 An improper access control vulnerability in open-build-service allows remote attackers to read files of a...
[SECURITY] [DLA 2545-1] open-build-service security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2545-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 03, 2021 https://wiki.debian.org/LTS -...
CVE-2018-12475
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...
CVE-2018-12475
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...
CVE-2018-12475
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...
Design/Logic Flaw
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...
UBUNTU-CVE-2018-12475
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...
CVE-2018-12475
The CVE-2018-12475 entry concerns an Externally Controlled Reference to a Resource in Another Sphere in openSUSE Open Build Service’s obs-service-download_files component. The vulnerability allows authenticated users to generate HTTP requests targeting internal networks, potentially leading to da...
Open Build Service Access Control Error Vulnerability
Open Build Service OBS is a general purpose system for building and distributing software packages from source code in an automated, consistent and repeatable manner. An Access Control Error vulnerability exists in OBS versions prior to 2.10.5. A remote attacker could exploit this vulnerability t...
CVE-2020-8021
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...
CVE-2020-8021
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...
DEBIAN-CVE-2020-8021
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...
Improper access control
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...
CVE-2020-8021
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...