CPE-F143FB1D-81D7-4DC9-8411-59A345FD0BD8 Detail

CPE Details

openSUSE Open Build Service (OBS) 2.10.1

Vendor

opensuse

Product

open_build_service

Version

2.10.1

Created

2019-09-18
16h16 +00:00

Modified

2019-09-18
16h16 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:opensuse:open_build_service:2.10.1:::::::*

Informations

Vendor

opensuse

Product

open_build_service

Version

2.10.1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-21949	2022-05-03 07h50 +00:00	A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote attackers to reference external entities in certain operations. This can be used to gain information from the server that can be abused to escalate to Admin privileges on OBS. This issue affects: SUSE Open Build Service Open Build Service versions prior to 2.10.13.	8.8	High
CVE-2021-36777	2022-03-09 16h26 +00:00	A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.	8.8	High
CVE-2020-8031	2021-02-11 15h10 +00:00	A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prior to 2.10.8.	6.3	Medium
CVE-2020-8021	2020-05-19 14h25 +00:00	a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5.	5.3	Medium
CVE-2020-8020	2020-05-13 14h50 +00:00	A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb.	6.5	Medium
CVE-2018-12466	2018-08-01 15h00 +00:00	openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links.	6.5	Medium

openSUSE Open Build Service (OBS) 2.10.1

CPE Details

CPE Name: cpe:2.3:a:opensuse:open_build_service:2.10.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:opensuse:open_build_service:2.10.1:::::::*