Attackers could put the special files in .osc into the...
Moderate severity
Unreviewed
Published
Oct 16, 2024
to the GitHub Advisory Database
•
Updated Oct 16, 2024
Description
Published by the National Vulnerability Database
Oct 16, 2024
Published to the GitHub Advisory Database
Oct 16, 2024
Last updated
Oct 16, 2024
Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim
References