CVE-2018-12476— obs-service-extract_file's outfilename parameter allows to write files outside of package directory
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-12476
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
obs-service-extract_file's outfilename parameter allows to write files outside of package directory
Source: NVD (National Vulnerability Database)
Vulnerability Description
Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
相对路径遍历
Source: NVD (National Vulnerability Database)
Vulnerability Title
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15中存在安全漏洞。攻击者可利用该漏洞向包目录之外的位置写入文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 15 | obs-service-tar_scm ~ 0.9.2.1537788075.fefaa74: | - | |
| openSUSE | Factory | obs-service-tar_scm ~ 0.9.2.1537788075.fefaa74 | - |
II. Public POCs for CVE-2018-12476
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-12476
请登录查看更多情报信息。
- https://bugzilla.suse.com/show_bug.cgi?id=1107944x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-12476
Same Patch Batch · SUSE · 2020-01-27 · 4 CVEs total
| CVE-2017-14807 | 8.1 HIGH | SQL injection in ui-server/app/models/diary_entry.rb in SUSE Studio onsite |
| CVE-2018-20105 | 4.0 MEDIUM | yast2-rmt exposes CA private key passhrase in log-file |
| CVE-2017-14806 | 3.7 LOW | Insecure handling of repodata and packages in SUSE Studio onlite |
IV. Related Vulnerabilities
Same vendor: SUSE
- CVE-2026-25702
nftables disabled due to incorrect kernel backport - CVE-2025-62879
Rancher Backup Operator pod's logs leak S3 tokens - CVE-2025-62878
Local Path Provisioner vulnerable to Path Traversal via para - CVE-2025-67601
Rancher CLI skips TLS verification on Rancher CLI login comm - CVE-2025-67860
NeuVector scanner insecurely handles passwords as command ar
Same weakness: CWE-23
- CVE-2026-8209
Gibbon<30.0.01路径遍历漏洞导致拒绝服务 - CVE-2026-43533
OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot M - CVE-2026-43616
Detect-It-Easy < 3.21 Path Traversal Arbitrary File Write - CVE-2026-42085
OpenC3 COSMOS: Arbitrary write to plugins directory via path - CVE-2026-22070
ColorOS Assistant Path Traversal Vulnerability
V. Comments for CVE-2018-12476
No comments yet