Multiple unknown vulnerabilities in viewcvs prior to 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote malicious users to gain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
viewcvs viewcvs 0.9.2 |
||
debian debian linux 3.0 |