| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-3356 | 5.0 |
The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not properly perform authorization, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
|
13-02-2023 - 04:33 | 22-07-2012 - 16:55 | |
| CVE-2012-4533 | 4.3 |
Cross-site scripting (XSS) vulnerability in the "extra" details in the DiffSource._get_row function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated users with repository commit access to inject arbit
|
13-02-2023 - 00:26 | 19-11-2012 - 00:55 | |
| CVE-2009-5024 | 5.0 |
ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_limit configuration setting, and consequently conduct resource-consumption attacks, via the limit parameter, as demonstrated by a "query revision history" request.
|
13-08-2018 - 21:47 | 23-05-2011 - 22:55 | |
| CVE-2012-3357 | 5.0 |
The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain sensitive information, related to a "log
|
29-08-2017 - 01:31 | 22-07-2012 - 16:55 |