{"id":"UBUNTU-CVE-2011-4183","details":"A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. Affected releases are SUSE open build service prior to 2.1.16.","modified":"2025-07-16T08:10:31.731863Z","published":"2018-06-13T13:29:00Z","withdrawn":"2025-07-18T16:42:44Z","upstream":["CVE-2011-4183"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2011-4183"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=736243"},{"type":"REPORT","url":"https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2011-4183"}],"affected":[{"package":{"name":"open-build-service","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/open-build-service@2.7.4-2?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.4-2"}]}],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"obs-api","binary_version":"2.7.4-2"},{"binary_name":"obs-productconverter","binary_version":"2.7.4-2"},{"binary_name":"obs-server","binary_version":"2.7.4-2"},{"binary_name":"obs-utils","binary_version":"2.7.4-2"},{"binary_name":"obs-worker","binary_version":"2.7.4-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2011/UBUNTU-CVE-2011-4183.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]}