CVE-2022-21949 – Multiple XXE vulnerabilities in OBS
https://notcve.org/view.php?id=CVE-2022-21949
An Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote attackers to reference external entities in certain operations. This can be used to gain information from the server that can be abused to escalate to Admin privileges on OBS. This issue affects: SUSE Open Build Service versions prior to 2.10.13.
References: https://bugzilla.suse.com/show_bug.cgi?id=1197928
Weakness: CWE-611: Improper Restriction of XML External Entity Reference
CVE-2021-36777 – login-proxy sends password to attacker-provided domain
https://notcve.org/view.php?id=CVE-2021-36777
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build Service allowed attackers to present users with an expected login form that then sends the clear-text credentials to an attacker-specified server. This issue affects: openSUSE Build Service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.
References: https://bugzilla.suse.com/show_bug.cgi?id=1191209
Weakness: CWE-807: Reliance on Untrusted Inputs in a Security Decision
CVE-2020-8031 – obs: Stored XSS
https://notcve.org/view.php?id=CVE-2020-8031
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prior to 2.10.8.
References: https://bugzilla.suse.com/show_bug.cgi?id=1178880
Weakness: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-12475 – obs-service-download_files allows downloading from localhost or intranet hosts
https://notcve.org/view.php?id=CVE-2018-12475
An Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-download_files of openSUSE Open Build Service allows authenticated users to generate HTTP requests against internal networks and potentially download data that is exposed there. This issue affects: openSUSE Open Build Service.
References: https://bugzilla.suse.com/show_bug.cgi?id=1107821
Weakness: CWE-610: Externally Controlled Reference to a Resource in Another Sphere
CVE-2020-8021 – unauthorized read access to files where sourceaccess is disabled via a crafted _service file in Open Build Service
https://notcve.org/view.php?id=CVE-2020-8021
An Improper Access Control vulnerability in Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled. This issue affects: Open Build Service versions prior to 2.10.5.
References: https://bugzilla.suse.com/show_bug.cgi?id=1171649 ; https://lists.debian.org/debian-lts-announce/2021/02/msg00006.html
Weakness: CWE-269: Improper Privilege Management