Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.5 views

SUSE CVE-2018-7689

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions...

7.1CVSS6.3AI score0.01208EPSS
Exploits0References4
Prion
Prion
added 2018/08/01 3:29 p.m.21 views

Design/Logic Flaw

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689...

5.5CVSS6.3AI score0.01208EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2018/08/01 3:29 p.m.31 views

CVE-2018-12467

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689...

6.5CVSS6.8AI score0.00645EPSS
Exploits0References3
NVD
NVD
added 2018/08/01 3:29 p.m.23 views

CVE-2018-12467

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689...

6.5CVSS6.2AI score0.00645EPSS
Exploits0References2
OSV
OSV
added 2018/06/07 1:29 p.m.20 views

CVE-2018-7689

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions...

6.5CVSS6.5AI score0.01208EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/06/07 1:0 p.m.30 views

CVE-2018-7689 Open Build Service arbitrary package modification

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions...

7.1CVSS6.1AI score0.01208EPSS
Exploits0References3
CVE
CVE
added 2018/06/07 1:0 p.m.74 views

CVE-2018-7689

The vulnerability CVE-2018-7689 affects openSUSE Open Build Service prior to version 2.9.3. The root cause is missing permission checks in the InitializeDevelPackage function, enabling authenticated users to modify packages for which they do not have write access. Impact is authenticated access t...

7.1CVSS6AI score0.01208EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2018/06/07 1:0 p.m.30 views

CVE-2018-7689

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions...

7.1CVSS6.2AI score0.01208EPSS
Exploits0
Rows per page
Query Builder