Platform
python
Component
koji
Fixed in
1.15.1
CVE-2018-1002150 describes a critical access control vulnerability affecting Koji, a build system for RPM packages. This flaw allows an attacker to gain arbitrary filesystem read and write access, potentially leading to complete system compromise. The vulnerability impacts Koji versions 1.12, 1.13, 1.14, and 1.15. A fix is available in versions 1.12.1, 1.13.1, 1.14.1, and 1.15.1.
The impact of CVE-2018-1002150 is severe. An attacker exploiting this vulnerability can read and write any file on the system where Koji is running, bypassing standard access controls. This could allow them to steal sensitive data, modify system configurations, install malware, or gain persistent access to the system. The ability to write arbitrary files is particularly concerning, as it could be used to inject malicious code or escalate privileges. The potential for widespread impact is high, especially in environments where Koji is used to manage critical software packages.
CVE-2018-1002150 was publicly disclosed on July 12, 2018. While no active exploitation campaigns have been definitively linked to this CVE, the critical severity and ease of exploitation make it a potential target. There are publicly available proof-of-concept exploits demonstrating the vulnerability. This CVE has not been added to the CISA KEV catalog.
Exploit Status
EPSS
0.30% (53% percentile)
CVSS Vector
The primary mitigation for CVE-2018-1002150 is to upgrade Koji to a patched version (1.12.1, 1.13.1, 1.14.1, or 1.15.1). If an immediate upgrade is not possible, consider implementing stricter access controls within the Koji environment to limit the potential damage. Review and restrict user permissions, and monitor Koji logs for suspicious activity. While a WAF is unlikely to directly mitigate this vulnerability, it can help detect and block attempts to exploit it. After upgrading, verify the fix by attempting to access files outside of the intended Koji data directories with a user account that previously had access.
No official patch available. Check for workarounds or monitor for updates.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2018-1002150 is a critical vulnerability in Koji versions 1.12, 1.13, 1.14, and 1.15 that allows attackers to read and write any file on the system due to flawed access controls.
You are affected if you are running Koji versions 1.12, 1.13, 1.14, or 1.15 (≤1.15.0).
Upgrade Koji to version 1.15.1 or later (1.12.1, 1.13.1, or 1.14.1 are also fixes).
While no confirmed active exploitation campaigns are publicly known, the vulnerability's severity and ease of exploitation make it a potential target.
Refer to the Koji project's security advisories for details: https://koji.org/security/
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.