CVE-2011-4181
HIGHSUSE Open Build Service <2.1.15, <2.3 - Info Disclosure
Title source: llmDescription
A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.
References (2)
Core 2
Core References
Patch x_refsource_confirm
https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
Issue Tracking x_refsource_confirm
https://bugzilla.suse.com/show_bug.cgi?id=734003
Scores
CVSS v3
7.5
EPSS
0.0144
EPSS Percentile
70.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-20
CWE-284
Status
published
Products (1)
opensuse/open_build_service
2.1.0 - 2.1.16
Published
Jun 11, 2018
Tracked Since
Feb 18, 2026