RSS   Vulnerabilities for 'KOJI'   RSS

2018-04-04
 
CVE-2018-1002150

CWE-284
 

 
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.

 
2017-10-06
 
CVE-2017-1002153

 

 
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.

 


Copyright 2019, cxsecurity.com

 

Back to Top