Opensuse - Open Build Service CVE

Filtered by vendor Opensuse Subscribe

Filtered by product Open Build Service

Total 22 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-7689	1 Opensuse	1 Open Build Service	2024-02-04	4.0 MEDIUM	6.5 MEDIUM
Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions.
CVE-2013-3703	1 Opensuse	1 Open Build Service	2024-02-04	4.0 MEDIUM	6.5 MEDIUM
The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project meta data.

Vulnerabilities (CVE)