CVE-2010-3906
Publication date 17 December 2010
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
Status
Package | Ubuntu Release | Status |
---|---|---|
git | 11.10 oneiric |
Not affected
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Fixed 1:1.7.1-1.1ubuntu0.1
|
|
10.04 LTS lucid | Not in release | |
9.10 karmic | Not in release | |
8.04 LTS hardy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|
|
git-core | 11.10 oneiric | Not in release |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid |
Fixed 1:1.7.0.4-1ubuntu0.2
|
|
9.10 karmic |
Fixed 1:1.6.3.3-2ubuntu0.1
|
|
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Ignored end of life |