CVE-2013-3703
Published
CVSS v3
N/A
CVSS v2
4
MEDIUM
Affected
1
PROJECT
Description
The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project meta data.
Build and distribute Linux packages from sources in an automatic, consistent and reproducible way #obs
GitHub