Information on source package viewvc

Available versions

ReleaseVersion
stretch1.1.26-1
buster1.1.26-1

Open issues

BugstretchbusterDescription
CVE-2020-5283vulnerable (no DSA)vulnerable (no DSA)ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS ...

Resolved issues

BugDescription
CVE-2017-5938Cross-site scripting (XSS) vulnerability in the nav_path function in l ...
CVE-2012-4533Cross-site scripting (XSS) vulnerability in the "extra" details in the ...
CVE-2012-3357The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1. ...
CVE-2012-3356The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC ...
CVE-2010-0736Cross-site scripting (XSS) vulnerability in the view_queryform functio ...
CVE-2010-0132Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 an ...
CVE-2010-0005query.py in the query interface in ViewVC before 1.1.3 does not reject ...
CVE-2010-0004ViewVC before 1.1.3 composes the root listing view without using the a ...
CVE-2009-5024ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_l ...
CVE-2009-3619Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1 before 1. ...
CVE-2009-3618Cross-site scripting (XSS) vulnerability in viewvc.py in ViewVC 1.0 be ...
CVE-2008-4325lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the H ...
CVE-2008-1292ViewVC before 1.0.5 provides revision metadata without properly checki ...
CVE-2008-1291ViewVC before 1.0.5 stores sensitive information under the web root wi ...
CVE-2008-1290ViewVC before 1.0.5 includes "all-forbidden" files within search resul ...
CVE-2007-5743viewvc 1.0.3 allows improper access control to files in a repository w ...
CVE-2006-5442ViewVC 1.0.2 and earlier does not specify a charset in its HTTP header ...
CVE-2005-4831viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Ty ...
CVE-2005-4830CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote ...

Security announcements

DSA / DLADescription
DSA-3784-1viewvc - security update
DLA-820-1viewvc - security update
DSA-2563-1viewvc - several

Search for package or bug name: Reporting problems