Vulnerability Details CVE-2015-0796
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial of service attacks on the source service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.5%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 4.6
References
Products affected by CVE-2015-0796
-
cpe:2.3:a:opensuse:open_buildservice:*