CVE-2018-12477
3.5
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Summary
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| openSUSE | Open Build Service | unspecified < d6244245dda5367767efc989446fe4b5e4609cce | affected |
Weaknesses
- CWE-93: CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.