CVE-2025-54141 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-54141 Interim 1 1 2025-08-05T23:13:58Z current 2025-08-05T23:13:58Z 2025-08-05T23:13:58Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-54141 ViewVC is a browser interface for CVS and Subversion version control repositories. In versions 1.1.0 through 1.1.31 and 1.2.0 through 1.2.3, the standalone.py script provided in the ViewVC distribution can expose the contents of the host server's filesystem though a directory traversal-style attack. This is fixed in versions 1.1.31 and 1.2.4. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed viewvc-1.3.0~dev20250722-1.1 viewvc-1.3.0~dev20250722-1.1 as a component of openSUSE Tumbleweed ViewVC is a browser interface for CVS and Subversion version control repositories. In versions 1.1.0 through 1.1.31 and 1.2.0 through 1.2.3, the standalone.py script provided in the ViewVC distribution can expose the contents of the host server's filesystem though a directory traversal-style attack. This is fixed in versions 1.1.31 and 1.2.4. CVE-2025-54141 openSUSE Tumbleweed:viewvc-1.3.0~dev20250722-1.1 important 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N