CVE-2018-12476
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 15 | obs-service-tar_scm < 0.9.2.1537788075.fefaa74: | affected |
| openSUSE | Factory | obs-service-tar_scm < 0.9.2.1537788075.fefaa74 | affected |
Weaknesses
- CWE-23: CWE-23: Relative Path Traversal
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.