{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T08:03:43.998","vulnerabilities":[{"cve":{"id":"CVE-2017-14804","sourceIdentifier":"security@opentext.com","published":"2018-03-01T20:29:00.413","lastModified":"2024-11-21T03:13:32.357","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots."},{"lang":"es","value":"El paquete de build anterior a 20171128 no comprobó nombres de directorio durante la extracción de resultados de build que permitían que builds no fiables escribiesen en el sistema objetivo. Esto provocaba el escape fuera de los buildroots."}],"metrics":{"cvssMetricV30":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*","matchCriteriaId":"D41A798E-0D69-43C7-9A63-1E5921138EAC"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*","matchCriteriaId":"5F150BD9-4B94-42D3-9E14-58665B7FF220"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp3:*:*:*:*:*:*","matchCriteriaId":"B779A4B4-0721-4F4C-B3BD-C640BEAB2463"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","matchCriteriaId":"1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","matchCriteriaId":"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3"}]}]}],"references":[{"url":"https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html","source":"security@opentext.com"},{"url":"https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html","source":"security@opentext.com"},{"url":"https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html","source":"security@opentext.com"},{"url":"https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}