Medium severity5.5NVD Advisory· Published Oct 16, 2024· Updated Apr 15, 2026
CVE-2024-22034
CVE-2024-22034
Description
Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords6 versionspkg:rpm/opensuse/osc&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/osc&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/osc&distro=openSUSE%20Tumbleweedpkg:rpm/suse/osc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/osc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/osc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 1.9.0-150400.10.6.1+ 5 more
- (no CPE)range: < 1.9.0-150400.10.6.1
- (no CPE)range: < 1.9.0-150400.10.6.1
- (no CPE)range: < 1.9.0-1.1
- (no CPE)range: < 1.9.0-150400.10.6.1
- (no CPE)range: < 1.9.0-150400.10.6.1
- (no CPE)range: < 0.183.0-15.18.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.