CVE-2018-12467

Summary

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689.

Affected Software

VendorProductVersion RangeStatus
opensuseopenbuildserviceunspecified < 9.2.4affected

Weaknesses

  • CWE-285: CWE-285

ADP Enrichment

CVE Program Container

Additional References

References