3 matches found
openSUSE: Security Advisory for obs-service-tar_scm (openSUSE-SU-2019:0326-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : obs-service-tar_scm (openSUSE-2019-326)
This update for obs-service-tarscm fixes the following issues : Security vulnerabilities addressed : - CVE-2018-12473: Fixed a path traversal issue, which allowed users to access files outside of the repository using relative paths bsc1105361 - CVE-2018-12474: Fixed an issue whereby crafted servi...
CVE-2018-12474
CVE-2018-12474 is addressed by updates to obs-service-tar_scm in openSUSE/openSUSE Open Build Service. The vulnerability arises from improper input/parameter handling: crafted service parameters could trigger unexpected behavior, enabling an attacker to access files outside the target repository ...