Authorized users of the openbuildservice prior to 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse open build service |