25 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-28544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured...
RHEL 8 : subversion (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - subversion: SVN authz protected copyfrom paths regression CVE-2021-28544 Note that Nessus has not tested for this...
RHEL 8 : subversion (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - subversion: malicious SVN clients can crash moddavsvn CVE-2018-11803 Note that Nessus has not tested for this issue...
RHEL 7 : subversion (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: svnserve/sasl may authenticate users using the wrong realm CVE-2016-2167 - The reqcheckaccess...
Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2022-2172)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for subversion (FEDORA-2022-13cc09ecf2)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
EulerOS 2.0 SP9 : subversion (EulerOS-SA-2022-1983)
According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according t...
Security Bulletin: A security vulnerability has been identified in Apache Subversion shipped with IBM Tivoli Netcool Impact (CVE-2021-28544)
Summary Apache Subversion is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Apache Subversion has been published in a security bulletin. Vulnerability Details CVEID: CVE-2021-28544 DESCRIPTION: Apache Subversion could allow a remote authenticated...
CVE-2021-28544 affecting package subversion for versions less than 1.14.2-1
CVE-2021-28544 affecting package subversion for versions less than 1.14.2-1. An upgraded version of the package is available that resolves this issue...
Ubuntu: Security Advisory (USN-5450-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5450-1: Subversion vulnerabilities
Evgeny Kotkov discovered that subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. CVE-2021-28544 Thomas Weißschuh discovered that subversion servers did not properly...
openSUSE: Security Advisory for subversion (SUSE-SU-2022:1162-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-28544 affecting package subversion 1.14.0-4
CVE-2021-28544 affecting package subversion 1.14.0-4. A patched version of the package is available...
Debian: Security Advisory (DSA-5119-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-28544
A flaw was found in Subversion. When using path-based authorization authz, the helper function detectchanged does not omit potentially sensitive information from log messages. In particular, if a node is copied from a protected location, its 'copyfrom' path the path to the protected location is...
[SECURITY] [DSA 5119-1] subversion security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5119-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2022 https://www.debian.org/security/faq -...
SUSE: Security Advisory (SUSE-SU-2022:1162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: subversion / subversion-bash-completion / subversion-devel / etc (SUSE-SU-2022:1161-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1161-1 advisory. - CVE-2022-24070: Fixed a memory corruption issue in moddavsvn as used by Apache HTTP server. This could be exploited by a remote...
SUSE SLED15: libsvn_auth_gnome_keyring-1-0 / libsvn_auth_kwallet-1-0 / etc (SUSE-SU-2022:1162-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1162-1 advisory. - CVE-2022-24070: Fixed a memory corruption issue in moddavsvn as used by Apache HTTP server. Th...
CVE-2021-28544
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization authz rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom...