RHEL 4 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - subversion: revision properties disclosure to user with partial access CVE-2007-2448 Note that Nessus has not teste...

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: moddavsvn integer overflow when parsing skel-encoded request bodies CVE-2015-5343 - The...

RHEL 8 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - subversion: malicious SVN clients can crash moddavsvn CVE-2018-11803 Note that Nessus has not tested for this issue...

RHEL 6 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - Svnserve in Apac...

RHEL 5 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - Svnserve in Apac...

RHEL 8 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - subversion: malicious SVN clients can crash moddavsvn CVE-2018-11803 Note that Nessus has not tested for this issue...

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: svnserve/sasl may authenticate users using the wrong realm CVE-2016-2167 - The reqcheckaccess...

RHEL 6 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - The...

RHEL 5 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - The...

GHSA-PHH3-2P9M-W6J5 Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically sets the Java system property hudson.model.ParametersAction.keepUndefinedParameters whenever a build is triggered from a release tag with the 'Svn-Partial Release Manager' SCM. Doing so disables the fix for...

Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically sets the Java system property hudson.model.ParametersAction.keepUndefinedParameters whenever a build is triggered from a release tag with the 'Svn-Partial Release Manager' SCM. Doing so disables the fix for...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

CVE-2024-34148

CVE-2024-34148 affects Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier, which programmatically disables the CVE-2016-3721 fix by setting the Java system property hudson.model.ParametersAction.keepUndefinedParameters on release-tag builds. The GitHub advisory states there is no...

Jenkins Plugin Subversion Partial Release Manager 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

PT-2024-25719 · Jenkins · Jenkins Subversion Partial Release Manager Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Partial Release Manager Plugin versions 1.0.1 and earlier Description: The issue arises when a build is triggered from a release tag, causing the plugin to programmatically set the Java system property...

Jenkins plugins Multiple Vulnerabilities (2024-05-02)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - High Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are...

ROS-20240411-01

A vulnerability in the modauthzsvn module of the Subversion centralized version control system is related to incorrectly handling requests for non-existent URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...