CVE-2017-12836

CVE-2017-12836 affects CVS 1.12.x when configured to use SSH for remote repositories. A remote attacker can supply a repository URL with a crafted hostname (for example, a string that triggers -oProxyCommand) to cause arbitrary code execution on the target. This is evidenced by cross-references i...

CVE-2004-0778

CVE-2004-0778 affects CVS: 1.11.x before 1.11.17 and 1.12.x before 1.12.9. The flaw enables remote attackers to determine the existence of arbitrary files/directories by abusing the -X option for an alternate history file, causing different error messages to be returned. The OpenVAS-derived entri...