Directory Deletion Vulnerability in Open Build Service

Directory Deletion Vulnerability in Open Build Service

CVE-2018-12477 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.