PT-2018-9620 · Red Hat · Koji

Mikem

Published

2018-04-04

Updated

2019-10-03

CVE-2018-1002150

CVSS v4.0

9.3

Critical

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: Koji versions 1.12 through 1.15

Description: The issue is related to incorrect access control, which results in arbitrary filesystem read/write access.

Recommendations: For versions 1.12, update to version 1.12.1. For version 1.13, update to version 1.13.1. For version 1.14, update to version 1.14.1. For version 1.15, update to version 1.15.1.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2018-1002150

GHSA-6MWW-XVH7-FQ4F

PYSEC-2018-86

Affected Products

Koji

PT-2018-9620 · Red Hat · Koji

CVE-2018-1002150

Weakness Enumeration

Related Identifiers

Affected Products

References · 14