368 matches found
OPENSUSE-SU-2021:0084-1 Security update for viewvc
This update for viewvc fixes the following issues: - update to 1.1.28 boo1167974, CVE-2020-5283: security fix: escape subdir lastmod file name 211 fix standalone.py first request failure 195 suppress stack traces with option to show 140 distinguish text/binary/image files by icons 166, 175 colori...
Security update for viewvc (moderate)
openSUSE Security Update: Security update for viewvc Announcement ID: openSUSE-SU-2021:0084-1 Rating: moderate References: 1167974 Cross-References: CVE-2020-5283 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for viewvc fix...
MGASA-2020-0221 Updated viewvc packages fix security vulnerability
Updated viewvc package fixes security vulnerability: ViewVC before versions 1.1.28 has an XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted...
Updated viewvc packages fix security vulnerability
Updated viewvc package fixes security vulnerability: ViewVC before versions 1.1.28 has an XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted...
Fedora: Security Advisory for viewvc (FEDORA-2020-c952520959)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: viewvc-1.1.28-1.fc30
ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...
Fedora 30 : viewvc (2020-c952520959)
Fix for CVE-2020-5283. ViewVC 1.1.28 ChangeLog - security fix: escape subdir lastmod file name 211 - fix standalone.py first request failure 195 ViewVC 1.1.27 ChangeLog : - suppress stack traces with option to show 140 - distinguish text/binary/image files by icons 166, 175 - colorize alternating...
CVE-2020-5283
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...
CVE-2020-5283
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...
Cross site scripting
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...
UBUNTU-CVE-2020-5283
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...
CVE-2020-5283
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...
CVE-2020-5283
CVE-2020-5283 - ViewVC XSS in show_subdir_lastmod is confirmed by connected sources: vulnerable before 1.1.28 and 1.2.1 due to unsafe handling of file names in CVS show_subdir_lastmod. Exploitation requires a user with CVS commit privileges on a trusted ViewVC instance with show_subdir_lastmod en...
CVE-2020-5283
Removed by vendor...
CVE-2020-5283 XSS vulnerability in CVS show_subdir_lastmod support
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...
ViewVC Cross-Site Scripting Vulnerability (CNVD-2020-33722)
ViewVC is a Web-based CVS, SVN code repository browsing tool . A cross-site scripting vulnerability exists in ViewVC versions prior to 1.1.28 and 1.2.1. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability...
CVE-2007-5743
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option...
CVE-2007-5743
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option...
Improper access control
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option...
CVE-2007-5743
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option...