Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
obs-service-refresh_patches can be tricked into deleting '..' or other unrelated directories
Vulnerability Description
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.
CVSS Information
N/A
Vulnerability Type
对CRLF序列的转义处理不恰当(CRLF注入)
Vulnerability Title
Open Build Service 安全漏洞
Vulnerability Description
Open Build Service(OBS)是一套通用的、以自动、一致和可重复的方式从源代码构建和分发软件包的系统。 Open Build Service d6244245dda5367767efc989446fe4b5e4609cce之前版本中存在安全漏洞。远程攻击者可通过借助obs-service-refresh_patches利用该漏洞删除目录。
CVSS Information
N/A
Vulnerability Type
N/A