CVE-2017-9268

Name of the Vulnerable Software and Affected Versions open build service versions prior to 201707022

Description The issue allows authenticated users to cause operations on projects where they do not have permissions, leading to denial of service due to resource consumption. This occurs because the wipetrigger and rebuild actions check the wrong project for permissions.

Recommendations For versions prior to 201707022, update to a version 201707022 or later to resolve the issue. As a temporary workaround, consider restricting access to the wipetrigger and rebuild actions to minimize the risk of exploitation.