CVE-2018-7688
MEDIUM6.5EPSS 0.17%Published: 6/7/2018Modified: 4/28/2026
Also known as:DEBIAN-CVE-2018-7688
Description
A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.
Affected packages (1)
- Debian/open-build-servicefrom 0, < 2.9.4-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |