Critical severity9.1NVD Advisory· Published Apr 4, 2018· Updated Jun 17, 2026
CVE-2018-1002150
CVE-2018-1002150
Description
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
kojiPyPI | >= 1.15, < 1.15.1 | 1.15.1 |
kojiPyPI | >= 1.14, < 1.14.1 | 1.14.1 |
kojiPyPI | >= 1.13, < 1.13.1 | 1.13.1 |
kojiPyPI | >= 1.12, < 1.12.1 | 1.12.1 |
Affected products
1Patches
Vulnerability mechanics
References
8- docs.pagure.org/koji/CVE-2018-1002150/nvdMitigationThird Party Advisory
- github.com/advisories/GHSA-6mww-xvh7-fq4fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1002150ghsaADVISORY
- pagure.io/koji/issue/850nvdThird Party AdvisoryWEB
- docs.pagure.org/koji/CVE-2018-1002150ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/koji/PYSEC-2018-86.yamlghsaWEB
- pagure.io/kojighsaPACKAGE
- pagure.io/koji/c/ab1ade7ghsaWEB
News mentions
0No linked articles in our index yet.