{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-44942", "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "state": "PUBLISHED", "assignerShortName": "suse", "dateReserved": "2026-05-08T12:29:48.968Z", "datePublished": "2026-06-18T09:57:12.821Z", "dateUpdated": "2026-06-18T12:09:37.292Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2026-06-18T09:57:12.821Z"}, "title": "libzypp .repo files can have an optional path which can lead to path traversal attacks", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-24", "description": "CWE-24 Path traversal: '../filedir'", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "affected": [{"vendor": "SUSE", "product": "libzypp", "packageName": "libzypp", "repo": "https://github.com/opensuse/libzypp", "modules": ["repo parsing"], "versions": [{"status": "affected", "version": "17.0.0", "lessThan": "17.38.13", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "16.22.19", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "A path traversal in handling the \"path\" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "A path traversal in handling the \"path\" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content."}]}], "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1267874", "tags": ["issue-tracking"]}, {"url": "https://www.suse.com/security/cve/CVE-2026-44942.html", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "credits": [{"lang": "en", "value": "Michael Andres", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-18T12:05:47.827082Z", "id": "CVE-2026-44942", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-18T12:09:37.292Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-44942", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-18T12:05:47.827082Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-18T12:09:23.563Z"}}], "cna": {"title": "libzypp .repo files can have an optional path which can lead to path traversal attacks", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Michael Andres"}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/opensuse/libzypp", "vendor": "SUSE", "modules": ["repo parsing"], "product": "libzypp", "versions": [{"status": "affected", "version": "17.0.0", "lessThan": "17.38.13", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "16.22.19", "versionType": "semver"}], "packageName": "libzypp", "defaultStatus": "unaffected"}], "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1267874", "tags": ["issue-tracking"]}, {"url": "https://www.suse.com/security/cve/CVE-2026-44942.html", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "A path traversal in handling the \"path\" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content.", "supportingMedia": [{"type": "text/html", "value": "A path traversal in handling the \"path\" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-24", "description": "CWE-24 Path traversal: '../filedir'"}]}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2026-06-18T09:57:12.821Z"}}}, "cveMetadata": {"cveId": "CVE-2026-44942", "state": "PUBLISHED", "dateUpdated": "2026-06-18T12:09:37.292Z", "dateReserved": "2026-05-08T12:29:48.968Z", "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "datePublished": "2026-06-18T09:57:12.821Z", "assignerShortName": "suse"}, "dataVersion": "5.2"}

{}

{"bugzilla": {"description": "libzypp: libzypp: Denial of Service via path traversal in .repo file handling", "id": "2490281", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2490281"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-22", "details": ["A flaw was found in libzypp. This path traversal vulnerability, present in the handling of the \"path\" component within .repo files, could allow attackers to write content to directories outside of the intended zypp cache. This unauthorized writing of data can lead to a Denial of Service (DoS) by filling up disk space on the system."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-44942", "public_date": "2026-06-18T09:57:12Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-44942\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-44942\nhttps://bugzilla.suse.com/show_bug.cgi?id=1267874\nhttps://www.suse.com/security/cve/CVE-2026-44942.html"], "statement": "This Moderate impact vulnerability in libzypp allows a path traversal when processing specially crafted `.repo` files. An attacker could exploit this flaw to write arbitrary content outside the intended zypp cache, potentially leading to a denial of service by exhausting disk space. This issue affects systems that process untrusted `.repo` files.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[17.0.0,17.38.13)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,16.22.19)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "libzypp", "source": "cna", "vendor": "SUSE"}, "product": "libzypp", "vendor": "suse"}], "created": "2026-06-18T20:00:15.055190+00:00", "updated": "2026-06-24T20:42:03.033003+00:00", "vendors": ["suse", "suse$PRODUCT$libzypp"], "weaknesses": ["CWE-22", "CWE-24"]}