Vulnerability Details CVE-2018-12477
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.0%
CVSS Severity
CVSS v3 Score 3.5
CVSS v2 Score 6.4
References