RSS   Vulnerabilities for 'KOJI'   RSS

2019-10-09
 
CVE-2019-17109

CWE-22
 
 
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.

 
2018-04-04
 
CVE-2018-1002150

CWE-732
 
 
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.

 
2017-10-06
 
CVE-2017-1002153

CWE-20
 
 
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.

 

Copyright 2024, cxsecurity.com

 

Back to Top