openSUSE Tumbleweed — obs-service-download_url — vulnerability — patch and remediation guide
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read • Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-22033 Upstream summary: The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that allowed […]