Unrated severityNVD Advisory· Published Jan 29, 2010· Updated Apr 29, 2026
CVE-2010-0004
CVE-2010-0004
Description
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
Affected products
11cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.htmlnvd
- viewvc.tigris.org/source/browse/%2Acheckout%2A/viewvc/trunk/docs/release-notes/1.1.0.htmlnvd
- viewvc.tigris.org/source/browse/viewvc/trunk/CHANGESnvd
- viewvc.tigris.org/source/browse/viewvcnvd
- www.openwall.com/lists/oss-security/2010/01/11/2nvd
- www.openwall.com/lists/oss-security/2010/01/13/5nvd
- www.openwall.com/lists/oss-security/2010/01/14/4nvd
- www.redhat.com/archives/fedora-package-announce/2009-December/msg01421.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-December/msg01464.htmlnvd
News mentions
0No linked articles in our index yet.