Bug | stretch | bookworm | trixie | sid | Description |
---|
CVE-2020-8031 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | A Improper Neutralization of Input During Web Page Generation ('Cross- ... |
CVE-2018-12479 | vulnerable (no DSA) | fixed | fixed | fixed | A Improper Input Validation vulnerability in Open Build Service allows ... |
CVE-2018-12467 | vulnerable (no DSA) | fixed | fixed | fixed | Authorized users of the openbuildservice before 2.9.4 could delete pac ... |
CVE-2018-12466 | vulnerable (no DSA) | fixed | fixed | fixed | openSUSE openbuildservice before 9.2.4 allowed authenticated users to ... |
CVE-2018-7689 | vulnerable (no DSA) | fixed | fixed | fixed | Lack of permission checks in the InitializeDevelPackage function in op ... |
CVE-2018-7688 | vulnerable (no DSA) | fixed | fixed | fixed | A missing permission check in the review handling of openSUSE Open Bui ... |
CVE-2017-9268 | vulnerable (no DSA) | fixed | fixed | fixed | In the open build service before 201707022 the wipetrigger and rebuild ... |
CVE-2017-5188 | vulnerable (no DSA) | fixed | fixed | fixed | The bs_worker code in open build service before 20170320 followed rela ... |
Bug | Description |
---|
CVE-2020-8021 | a Improper Access Control vulnerability in of Open Build Service allow ... |
CVE-2020-8020 | A Improper Neutralization of Input During Web Page Generation vulnerab ... |
CVE-2015-0796 | In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before ... |
CVE-2014-0594 | In the Open Build Service (OBS) before version 2.4.6 the CSRF protecti ... |
CVE-2011-4183 | A vulnerability in open build service allows remote attackers to uploa ... |
CVE-2011-4181 | A vulnerability in open build service allows remote attackers to gain ... |
CVE-2011-3178 | In the web ui of the openbuildservice before 2.3.0 a code injection of ... |
CVE-2011-0469 | Code injection in openSUSE when running some source services used in t ... |
CVE-2010-3782 | obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to ... |