Search CVE reports
1 – 10 of 26 results
CVE-2023-22464
Medium priority
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an...
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2023-22456
Medium priority
ViewVC, a browser interface for CVS and Subversion version control repositories, has a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need...
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2020-5283
Medium priority
ViewVC before versions 1.1.28 and 1.2.1 has an XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by...
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
CVE-2007-5743
Low priority
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option.
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | — | — | — | — |
CVE-2017-5938
Medium priority
Some fixes available 3 of 4
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | — | — | — | Fixed |
CVE-2012-4533
Medium priority
Some fixes available 1 of 6
Cross-site scripting (XSS) vulnerability in the "extra" details in the DiffSource._get_row function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated users with repository commit...
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | — | — | — | Not affected |
CVE-2012-3455
Medium priority
Some fixes available 2 of 9
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash)...
2 affected packages
koffice, wv2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
koffice | — | — | — | — | Not in release |
wv2 | — | — | — | — | Not in release |
CVE-2012-3357
Low priority
Some fixes available 1 of 11
The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain...
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | — | — | — | Not affected |
CVE-2012-3356
Low priority
Some fixes available 1 of 11
The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not properly perform authorization, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | — | — | — | Not affected |
CVE-2009-5024
Low priority
Some fixes available 1 of 12
ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_limit configuration setting, and consequently conduct resource-consumption attacks, via the limit parameter, as demonstrated by a "query revision history" request.
1 affected package
viewvc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
viewvc | — | — | — | — | Not affected |