Koji

koji

Vendor: Koji Project • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-17109 1Koji Project 1Koji Nov 21, 2024 Oct 9, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.
CVE-2018-1002150 1Koji Project 1Koji Nov 21, 2024 Apr 4, 2018 N/A· v4 9.1 CRITICAL· v3 7.5 HIGH· v2 Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15....Show more Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.Show less
CVE-2017-1002153 1Koji Project 1Koji May 13, 2026 Oct 6, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.