CVE-2011-0466
openSUSE Build Service 2.0.x < 2.0.8 and 2.1.x < 2.1.6 - Unauthenticated Write Access Bypass
Title source: llmDescription
The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a (1) package or (2) project via unspecified vectors.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://news.opensuse.org/2011/03/02/build-service-team-releases-new-versions-fixing-security-problems/
Scores
EPSS
0.0020
EPSS Percentile
41.7%
Details
CWE
CWE-264
Status
published
Products (21)
novell/opensuse_build_service
2.0
novell/opensuse_build_service
2.0.0
novell/opensuse_build_service
2.0.1
novell/opensuse_build_service
2.0.2
novell/opensuse_build_service
2.0.3
novell/opensuse_build_service
2.0.4
novell/opensuse_build_service
2.0.5
novell/opensuse_build_service
2.0.6
novell/opensuse_build_service
2.0.7
novell/opensuse_build_service
2.0.16
... and 11 more
Published
Apr 10, 2011
Tracked Since
Feb 18, 2026