CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

Apache Subversion 操作系统命令注入漏洞

Apache Subversion is the United States Apache Apache Foundation of a set of open source version control system. The system is compatible with Concurrent Versions System CVS. Apache Subversion 1.14.4 version of the previous operating system command injection vulnerability , the vulnerability stems...

PT-2024-31739

Name of the Vulnerable Software and Affected Versions: Apache Subversion versions up to and including 1.14.3 Description: On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables may lead to unexpected command line argument...

PT-2024-32272 · Apache +4 · Apache Subversion +4

Name of the Vulnerable Software and Affected Versions: Apache Subversion versions prior to 1.14.5 Description: Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod dav svn allows authenticated users with commit access to commit a corrupt...

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: moddavsvn integer overflow when parsing skel-encoded request bodies CVE-2015-5343 - The...

RHEL 6 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - Svnserve in Apac...

RHEL 5 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - Svnserve in Apac...

BIT-SUBVERSION-2021-28544 Apache Subversion SVN authz protected copyfrom paths regression

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization authz rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom...

Rocky Linux 8 : subversion:1.10 (RLSA-2019:2512)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2019:2512 advisory. - In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences o...

Rocky Linux 8 : subversion:1.10 (RLSA-2020:4712)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:4712 advisory. - In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request...

Apache Subversion Client SEoL (<= 1.0.x)

According to its version, Apache Subversion Client is less than or equal to 1.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

Apache Subversion Client SEoL (1.11.x)

According to its version, Apache Subversion Client is 1.11.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

Apache Subversion Server SEoL (1.11.x)

According to its version, Apache Subversion Server is 1.11.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

Apache Subversion Client SEoL (1.5.x)

According to its version, Apache Subversion Client is 1.5.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

Apache Subversion Server SEoL (1.9.x)

According to its version, Apache Subversion Server is 1.9.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

Apache Subversion Client SEoL (1.1.x)

According to its version, Apache Subversion Client is 1.1.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

Apache Subversion Server SEoL (1.2.x)

According to its version, Apache Subversion Server is 1.2.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

Apache Subversion Client SEoL (1.12.x)

According to its version, Apache Subversion Client is 1.12.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

Apache Subversion Server SEoL (1.4.x)

According to its version, Apache Subversion Server is 1.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...