CVE-2011-4183

MEDIUM

SUSE Open Build Service <2.1.16 - RCE

Title source: llm

Description

A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. Affected releases are SUSE open build service prior to 2.1.16.

References (2)

Core 2

Core References

Patch x_refsource_confirm

https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e

Issue Tracking x_refsource_confirm

https://bugzilla.suse.com/show_bug.cgi?id=736243

Scores

CVSS v3 6.5

EPSS 0.0035

EPSS Percentile 57.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-862 CWE-434

Status published

Products (1)

opensuse/open_build_service < 2.1.16

Published Jun 13, 2018

Tracked Since Feb 18, 2026