Описание
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 1.1.5-1 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | not-affected | 1.1.5-1 |
| natty | not-affected | 1.1.5-1 |
| oneiric | not-affected | 1.1.5-1 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
query.py in the query interface in ViewVC before 1.1.3 does not reject ...
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
7.5 High
CVSS2