CVE-2021-36777

Summary

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.

Affected Software

VendorProductVersion RangeStatus
openSUSEBuild servicelogin-proxy-scripts < dc000cdfe9b9b715fb92195b1a57559362f689efaffected

Weaknesses

  • CWE-807: CWE-807: Reliance on Untrusted Inputs in a Security Decision

ADP Enrichment

CVE Program Container

Additional References

References