CVE-2018-12477

A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.
References
Link Resource
https://bugzilla.suse.com/show_bug.cgi?id=1108189 Issue Tracking Patch
https://lwn.net/Articles/766535/ Mailing List Third Party Advisory
Configurations

Configuration 1

cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

Information

Published : 2018-10-09 01:29

Updated : 2019-10-09 11:34


NVD link : CVE-2018-12477

Mitre link : CVE-2018-12477

Products Affected
No products.
CWE