Denial Of Service (DoS)

subversion is vulnerable to denial of service DoS. The vulnerability exists as a server-side memory leak was found in the Subversion server. If a malicious, remote user performed "svn blame" or "svn log" operations on certain repository files, it could cause the Subversion server to consume a lar...

Denial Of Service (DoS)

subversion is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was found in the way the moddavsvn module for use with the Apache HTTP Server processed certain requests. If a malicious, remote user issued a certain type of request to display a...

Information Disclosure

subversion is vulnerable to information disclosure. The partial access functionality is not properly implemented, allowing users who have access to change paths to obtain confidential confidential information via propget, proplist or propedit...

Remote Code Execution(RCE)

Subversion SVN is a vulnerable to Remote Code ExecutionRCE.Multiple heap overflow flaws in Subversion server and client when parsing binary deltas. A malicious user with commit access to a server could use these flaws to cause a heap overflow on that server. A malicious server could use these fla...

CVE-2018-1000111

An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users...

CVE-2020-2152

Jenkins Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability...

CVE-2020-2111

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability...

CVE-2020-9344

Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations...

CVE-2020-9344

Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations...

Cross site scripting

Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations...

CVE-2020-9344

CVE-2020-9344 affects Jira Subversion ALM for Enterprise prior to 8.8.2. The connected nuclei data confirms a cross-site scripting (XSS) vulnerability at multiple locations in the web application, enabling an attacker to execute arbitrary JavaScript in the victim’s browser. Root cause is cited as...

CVE-2020-9344

Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations...

Subversion ALM for the enterprise cross-site scripting vulnerability

Subversion ALM for the enterprise is a lightweight answer submission management system. A cross-site scripting vulnerability exists in Subversion ALM for the enterprise prior to 8.8.2, which stems from a lack of proper validation of client-side data in the web application and can be exploited by ...

CloudBees Jenkins Subversion Release Manager Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . Subversion Release Manager Plugin is used ...

DEBIAN-CVE-2020-1739

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from...

UBUNTU-CVE-2020-1739

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from...

PYSEC-2020-11

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from...

CVE-2020-2152

Jenkins Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability...

CVE-2020-2152

Jenkins Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability...

Cross site scripting

Jenkins Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability...