Candidate: CVE-2011-4181
PublicDate: 2018-06-11 15:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4181
 https://bugzilla.suse.com/show_bug.cgi?id=734003
 https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
Description:
 A vulnerability in open build service allows remote attackers to gain
 access to source files even though source access is disabled. Affected
 releases are SUSE open build service up to and including version 2.1.15
 (for 2.1) and before version 2.3.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [7.5 HIGH]


Patches_open-build-service:
upstream_open-build-service: released (2.1.16)
precise/esm_open-build-service: DNE
trusty_open-build-service: DNE
trusty/esm_open-build-service: DNE
xenial_open-build-service: DNE
artful_open-build-service: ignored (reached end-of-life)
bionic_open-build-service: not-affected (2.7.4-2)
cosmic_open-build-service: not-affected (2.7.4-2)
devel_open-build-service: not-affected (2.7.4-2)