Information on source package open-build-service

Available versions

Bug	stretch	sid	Description
CVE-2020-8031	vulnerable (no DSA, postponed)	vulnerable	A Improper Neutralization of Input During Web Page Generation ('Cross- ...
CVE-2020-8021	fixed	vulnerable	a Improper Access Control vulnerability in of Open Build Service allow ...
CVE-2020-8020	fixed	vulnerable	A Improper Neutralization of Input During Web Page Generation vulnerab ...
CVE-2018-12479	vulnerable (no DSA)	fixed	A Improper Input Validation vulnerability in Open Build Service allows ...
CVE-2018-12467	vulnerable (no DSA)	fixed	Authorized users of the openbuildservice before 2.9.4 could delete pac ...
CVE-2018-12466	vulnerable (no DSA)	vulnerable	openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...
CVE-2018-7689	vulnerable (no DSA)	fixed	Lack of permission checks in the InitializeDevelPackage function in op ...
CVE-2018-7688	vulnerable (no DSA)	fixed	A missing permission check in the review handling of openSUSE Open Bui ...
CVE-2017-9268	vulnerable (no DSA)	vulnerable	In the open build service before 201707022 the wipetrigger and rebuild ...
CVE-2017-5188	vulnerable (no DSA)	fixed	The bs_worker code in open build service before 20170320 followed rela ...

Bug	Description
CVE-2015-0796	In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before ...
CVE-2014-0594	In the Open Build Service (OBS) before version 2.4.6 the CSRF protecti ...
CVE-2011-4183	A vulnerability in open build service allows remote attackers to uploa ...
CVE-2011-4181	A vulnerability in open build service allows remote attackers to gain ...
CVE-2011-3178	In the web ui of the openbuildservice before 2.3.0 a code injection of ...
CVE-2011-0469	Code injection in openSUSE when running some source services used in t ...
CVE-2010-3782	obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to ...

DSA / DLA	Description
DLA-2545-1	open-build-service - security update