Search CVE reports



1 – 10 of 26 results


CVE-2023-22464

Medium priority
Needs evaluation

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an...

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Not in release Not in release Needs evaluation Needs evaluation

CVE-2023-22456

Medium priority
Needs evaluation

ViewVC, a browser interface for CVS and Subversion version control repositories, has a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need...

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Not in release Not in release Needs evaluation Needs evaluation

CVE-2020-5283

Medium priority
Vulnerable

ViewVC before versions 1.1.28 and 1.2.1 has an XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by...

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Not in release Not in release Not in release Vulnerable Vulnerable

CVE-2007-5743

Low priority
Not affected

viewvc 1.0.3 allows improper access control to files in a repository when using the “forbidden” configuration option.

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc

CVE-2017-5938

Medium priority

Some fixes available 3 of 4

Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Fixed

CVE-2012-4533

Medium priority

Some fixes available 1 of 6

Cross-site scripting (XSS) vulnerability in the “extra” details in the DiffSource._get_row function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated users with repository commit...

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Not affected

CVE-2012-3455

Medium priority

Some fixes available 2 of 9

Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash)...

2 affected packages

koffice, wv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
koffice Not in release
wv2 Not in release

CVE-2012-3357

Low priority

Some fixes available 1 of 11

The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain...

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Not affected

CVE-2012-3356

Low priority

Some fixes available 1 of 11

The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not properly perform authorization, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Not affected

CVE-2009-5024

Low priority

Some fixes available 1 of 12

ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_limit configuration setting, and consequently conduct resource-consumption attacks, via the limit parameter, as demonstrated by a “query revision history” request.

1 affected package

viewvc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
viewvc Not affected