CVE-2018-7688

Summary

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.

Affected Software

VendorProductVersion RangeStatus
openSUSEOpen Build Serviceunspecified < 2.9.3affected

Weaknesses

  • CWE-862: CWE-862

ADP Enrichment

CVE Program Container

Additional References

References