Filtered by vendor Koji Project
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-1002153 | 1 Koji Project | 1 Koji | 2023-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission. | |||||
CVE-2019-17109 | 1 Koji Project | 1 Koji | 2019-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation. | |||||
CVE-2018-1002150 | 1 Koji Project | 1 Koji | 2019-10-02 | 7.5 HIGH | 9.1 CRITICAL |
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1. |