Known Vulnerabilities for Open Build Service by Opensuse
Listed below are 10 of the newest known vulnerabilities associated with "Open Build Service" by "Opensuse".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-21949 json | A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote attackers to r... | 8.8 - HIGH | 2022-05-03 | 2022-05-10 |
| CVE-2021-36777 json | A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed ... | 8.8 - HIGH | 2022-03-09 | 2023-07-07 |
| CVE-2020-8031 json | A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service al... | 5.4 - MEDIUM | 2021-02-11 | 2021-02-17 |
| CVE-2020-8021 json | a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package wher... | 5.3 - MEDIUM | 2020-05-19 | 2021-03-15 |
| CVE-2020-8020 json | A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to ... | 6.1 - MEDIUM | 2020-05-13 | 2021-03-15 |
| CVE-2019-3685 json | Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary | 7.7 - HIGH | 2019-11-05 | 2019-11-08 |
| CVE-2018-12479 json | A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted re... | 7.5 - HIGH | 2018-10-09 | 2023-11-07 |
| CVE-2018-12478 json | A Improper Input Validation vulnerability in Open Build Service allows remote attackers to extract files from the system wher... | 6.5 - MEDIUM | 2018-10-09 | 2023-11-07 |
| CVE-2018-12475 json | A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-download_files of openSUSE Ope... | 5.4 - MEDIUM | 2020-09-01 | 2023-11-07 |
| CVE-2018-12473 json | A path traversal traversal vulnerability in obs-service-tar_scm of Open Build Service allows remote attackers to cause access... | 7.5 - HIGH | 2018-10-02 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Opensuse | Open Build Service | 9.2.4 | |||
| Application | Opensuse | Open Build Service | 2020-05-13 | |||
| Application | Opensuse | Open Build Service | 2.9.6 | |||
| Application | Opensuse | Open Build Service | 2.9.5 | |||
| Application | Opensuse | Open Build Service | 2.9.4 | |||
| Application | Opensuse | Open Build Service | 2.9.3 | |||
| Application | Opensuse | Open Build Service | 2.9.2 | |||
| Application | Opensuse | Open Build Service | 2.9.1 | |||
| Application | Opensuse | Open Build Service | 2.9.0 | |||
| Application | Opensuse | Open Build Service | 2.8.4 | |||
| Application | Opensuse | Open Build Service | 2.8.3 | |||
| Application | Opensuse | Open Build Service | 2.8.2 | |||
| Application | Opensuse | Open Build Service | 2.8.1 | |||
| Application | Opensuse | Open Build Service | 2.8.0 | |||
| Application | Opensuse | Open Build Service | 2.7.4 | |||
| Application | Opensuse | Open Build Service | 2.7.3 | |||
| Application | Opensuse | Open Build Service | 2.7.2 | |||
| Application | Opensuse | Open Build Service | 2.7.1 | |||
| Application | Opensuse | Open Build Service | 2.7.0 | |||
| Application | Opensuse | Open Build Service | 2.6.9 |