Upstream information

CVE-2018-12467 at MITRE

Description

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entries: 1098934 [RESOLVED / FIXED], 1100217 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.


SUSE Timeline for this CVE

CVE page created: Thu Jul 5 14:30:19 2018
CVE page last modified: Mon Sep 9 13:31:56 2024