Unrated severityNVD Advisory· Published Jan 29, 2010· Updated Jun 16, 2026
CVE-2010-0004
CVE-2010-0004
Description
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.2:*:*:*:*:*:*:*
- (no CPE)range: <1.1.3
Patches
Vulnerability mechanics
References
9- lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.htmlnvd
- viewvc.tigris.org/source/browse/%2Acheckout%2A/viewvc/trunk/docs/release-notes/1.1.0.htmlnvd
- viewvc.tigris.org/source/browse/viewvc/trunk/CHANGESnvd
- viewvc.tigris.org/source/browse/viewvcnvd
- www.openwall.com/lists/oss-security/2010/01/11/2nvd
- www.openwall.com/lists/oss-security/2010/01/13/5nvd
- www.openwall.com/lists/oss-security/2010/01/14/4nvd
- www.redhat.com/archives/fedora-package-announce/2009-December/msg01421.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-December/msg01464.htmlnvd
News mentions
0No linked articles in our index yet.