CVE-2018-12477
obs-service-refresh_patches can be tricked into deleting '..' or other unrelated directories
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Produtos afetados
openSUSE · Open Build ServiceQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →