← CVECheck
HomeVulnerabilities

CVE-2004-0180 — LOW severity vulnerability (The client for CVS before 1.11 allows a remote malicious CVS)

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.

CVE IDCVE-2004-0180
SeverityLOW
CVSS score2.6
CVSS vectorAV:N/AC:H/Au:N/C:N/I:P/A:N
CWENVD-CWE-Other
StatusModified
Published2004-06-01
Last modified2026-04-16
DescriptionThe client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →