4 matches found
Design/Logic Flaw
A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions...
CVE-2018-7688
A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions...
CVE-2018-7688 Open Build Service accepts arbitrary reviews
A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions...
CVE-2018-7688
CVE-2018-7688 describes a missing permission check in the review handling of openSUSE Open Build Service prior to version 2.9.3, which could allow any authenticated user to modify sources in projects where they lack write permissions. The vulnerability affects the Open Build Service workflow and ...