CVE-2017-5188
HIGH7.5EPSS 0.15%Published: 3/1/2018Modified: 4/28/2026
Also known as:DEBIAN-CVE-2017-5188
Description
The bs_worker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information.
Affected packages (1)
- Debian/open-build-servicefrom 0, < 2.7.4-3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |