Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
login-proxy sends password to attacker-provided domain
Vulnerability Description
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Vulnerability Type
在安全决策中依赖未经信任的输入
Vulnerability Title
SUSE openSUSE 安全漏洞
Vulnerability Description
openSUSE是德国SUSE公司的一套基于Linux的自由操作系统与开源社区项目。 openSUSE Build service login-proxy-scripts dc000cdfe9b9b715fb92195b1a57559362f689ef之前版本存在安全漏洞,该漏洞允许攻击者向用户提供预期的登录表单,然后向攻击者指定的服务器发送明文凭据。
CVSS Information
N/A
Vulnerability Type
N/A