2 matches found
CVE-2018-12475
The CVE-2018-12475 entry concerns an Externally Controlled Reference to a Resource in Another Sphere in openSUSE Open Build Service’s obs-service-download_files component. The vulnerability allows authenticated users to generate HTTP requests targeting internal networks, potentially leading to da...
CVE-2018-12478
CVE-2018-12478 affects the Open Build Service (OBS) used by openSUSE. The vulnerability is described as an improper input validation flaw that could allow remote attackers to extract files from the system hosting OBS. Affected releases are listed as openSUSE Open Build Service with status unknown...