Medium severity4.3NVD Advisory· Published Jan 27, 2020· Updated Jun 17, 2026
CVE-2018-12476
CVE-2018-12476
Description
Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- Range: <0.9.2.1537788075.fefaa74
- Range: <0.9.2.1537788075.fefaa74
- osv-coords3 versionspkg:rpm/opensuse/obs-service-tar_scm&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/obs-service-tar_scm&distro=openSUSE%20Tumbleweedpkg:rpm/suse/obs-service-tar_scm&distro=SUSE%20Package%20Hub%2015
< 0.10.5.1551309990.79898c7-lp150.2.3.1+ 2 more
- (no CPE)range: < 0.10.5.1551309990.79898c7-lp150.2.3.1
- (no CPE)range: < 0.10.28.1632141620.a8837d3-1.1
- (no CPE)range: < 0.10.5.1551309990.79898c7-bp150.3.3.1
- openSUSE/Factoryv5Range: obs-service-tar_scm
- Range: obs-service-tar_scm
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.