Summary
| Detail | |||
|---|---|---|---|
| Vendor | Opensuse | First view | 2014-02-06 |
| Product | Osc | Last view | 2020-06-29 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:opensuse:osc:0.133:*:*:*:*:*:*:* | 2 |
| cpe:2.3:a:opensuse:osc:*:*:*:*:*:*:*:* | 2 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.8 | 2020-06-29 | CVE-2019-3681 | A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 . |
| 4.3 | 2014-02-06 | CVE-2012-1095 | osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-170.nasl - Type: ACT_GATHER_INFO |
