7 matches found
CVE-2010-0004
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view...
SUSE CVE-2010-0004
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view...
PT-2022-21604 · Rdiffweb · Rdiffweb
Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.4.8 Description: The issue concerns the allocation of resources without limits or throttling, which can lead to a denial-of-service DOS attack or memory corruption. Specifically, there is no limit on the length of...
CVE-2010-0004
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view...
CVE-2010-0004
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view...
CVE-2010-0004
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, potentially allowing remote attackers to discover private root names by reading the view. Affected component: ViewVC (core request handling for root listings). Root cause: authorization not enforced at ...
CVE-2010-0004
Removed by vendor...