Candidate: CVE-2011-4183
PublicDate: 2018-06-13 13:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4183
 https://bugzilla.suse.com/show_bug.cgi?id=736243
 https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
Description:
 A vulnerability in open build service allows remote attackers to upload
 arbitrary RPM files. Affected releases are SUSE open build service prior to
 2.1.16.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_open-build-service:
upstream_open-build-service: released (2.1.16)
precise/esm_open-build-service: DNE
trusty_open-build-service: DNE
trusty/esm_open-build-service: DNE
xenial_open-build-service: DNE
artful_open-build-service: ignored (reached end-of-life)
bionic_open-build-service: not-affected (2.7.4-2)
cosmic_open-build-service: not-affected (2.7.4-2)
devel_open-build-service: not-affected (2.7.4-2)