Description
A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content.
Published: 2026-06-18
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A path traversal flaw exists in the handling of the path component within .repo files processed by libzypp. The vulnerability can be exploited to write files to arbitrary directories outside the zypp cache, potentially compromising system integrity. This flaw falls under CWE-22 and CWE-24 and directly reduces the confidentiality and integrity of the system by allowing unauthorized file creation.

Affected Systems

The flaw affects the SUSE libzypp package prior to version 17.38.13 in the 17.x series and prior to 16.22.19 in the 16.x series. Any system that relies on libzypp for package repository management and uses .repo files is potentially vulnerable.

Risk and Exploitability

The CVSS score of 6.5 indicates a moderate severity, and no EPSS score is available, so exploitation likelihood cannot be quantified. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is inferred to be local, as an attacker would need to create or modify .repo files, thereby making it a local privilege escalation vector. Affected systems should consider the risk as moderate until the library is patched.

Generated by OpenCVE AI on June 19, 2026 at 01:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade libzypp to the patched releases (≥ 17.38.13 or ≥ 16.22.19).
  • If upgrading is not immediately possible, remove any optional path settings from .repo files or revert to default paths that remain within the zypp cache.
  • Configure file system permissions or use access control policies to ensure that only trusted administrators can modify repository configuration files and write to system directories.

Generated by OpenCVE AI on June 19, 2026 at 01:23 UTC.

Advisories

No advisories yet.

History

Fri, 19 Jun 2026 00:15:00 +0000

Type         Values Removed           Values Added
Weaknesses                            CWE-22
References
Metrics      threat_severity: None    threat_severity: Moderate


Thu, 18 Jun 2026 16:45:00 +0000

Type         Values Removed           Values Added
Description                           A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content.
Title                                 libzypp .repo files can have an optional path which can lead to path traversal attacks
Weaknesses                            CWE-24
References
Metrics                               cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}
                                      ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: suse

Published:

Updated: 2026-06-18T12:09:37.292Z

Reserved: 2026-05-08T12:29:48.968Z

Link: CVE-2026-44942

Vulnrichment

Updated: 2026-06-18T12:09:23.563Z

NVD

No data.

Redhat

Severity : Moderate

Public Date: 2026-06-18T09:57:12Z

Links: CVE-2026-44942 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-19T01:30:16Z

Weaknesses
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • CWE-24: Path Traversal: '../filedir'