What the vulnerability does
01Description
openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links.
CVE-2018-12466
MEDIUM
CVE-2018-12466: openbuildservice allowed deleting packages via project links
CVSS base score
4.4/10
CVSS vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N
Key dates
02Disclosure timeline
August 1, 2018
CVE published
September 17, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2019-13550
CVE-2024-2641 Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization
CVE-2021-38486 InHand Networks IR615 Router
CVE-2024-9235 Mapster WP Maps <= 1.5.0 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update
CVE-2024-48901 Moodle: idor when fetching report schedules
