vulnerability

Debian: CVE-2018-7688: open-build-service -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Jun 7, 2018	Jul 30, 2024	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Jun 7, 2018

Added

Jul 30, 2024

Modified

Mar 30, 2026

Description

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.

Solution

debian-upgrade-open-build-service

References

CVE-2018-7688
https://attackerkb.com/topics/CVE-2018-7688
CWE-862
EUVD-EUVD-2018-19404
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-19404

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report