Incorrect Access Control Vulnerability in Koji Versions 1.12-1.15

Incorrect Access Control Vulnerability in Koji Versions 1.12-1.15

CVE-2018-1002150 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.

Learn more about our Web Application Penetration Testing UK.