unauthorized read access to files where sourceaccess is disabled via a crafted _service file in Open Build Service
CVE-2020-8021
5.3MEDIUM
What is CVE-2020-8021?
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5.
Affected Version(s)
Open Build Service Open Build Service < 2.10.5