| Bug | Description |
|---|
| CVE-2020-8031 | A Improper Neutralization of Input During Web Page Generation ('Cross- ... |
| CVE-2020-8021 | a Improper Access Control vulnerability in of Open Build Service allow ... |
| CVE-2020-8020 | A Improper Neutralization of Input During Web Page Generation vulnerab ... |
| CVE-2018-12479 | A Improper Input Validation vulnerability in Open Build Service allows ... |
| CVE-2018-12467 | Authorized users of the openbuildservice before 2.9.4 could delete pac ... |
| CVE-2018-12466 | openSUSE openbuildservice before 9.2.4 allowed authenticated users to ... |
| CVE-2018-7689 | Lack of permission checks in the InitializeDevelPackage function in op ... |
| CVE-2018-7688 | A missing permission check in the review handling of openSUSE Open Bui ... |
| CVE-2017-9268 | In the open build service before 201707022 the wipetrigger and rebuild ... |
| CVE-2017-5188 | The bs_worker code in open build service before 20170320 followed rela ... |
| CVE-2015-0796 | In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before ... |
| CVE-2014-0594 | In the Open Build Service (OBS) before version 2.4.6 the CSRF protecti ... |
| CVE-2011-4183 | A vulnerability in open build service allows remote attackers to uploa ... |
| CVE-2011-4181 | A vulnerability in open build service allows remote attackers to gain ... |
| CVE-2011-3178 | In the web ui of the openbuildservice before 2.3.0 a code injection of ... |
| CVE-2011-0469 | Code injection in openSUSE when running some source services used in t ... |
| CVE-2010-3782 | obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to ... |