106 matches found
EUVD-2004-0747
Malware in sbrugna...
EUVD-2015-3254
Malicious code in bioql PyPI...
RHEL 7 : subversion (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: moddavsvn integer overflow when parsing skel-encoded request bodies CVE-2015-5343 - The...
ROS-20240411-01
A vulnerability in the modauthzsvn module of the Subversion centralized version control system is related to incorrectly handling requests for non-existent URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
BIT-SUBVERSION-2020-17525 Remote unauthenticated denial-of-service in Subversion mod_authz_svn
Subversion's modauthzsvn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in...
Rocky Linux 8 : subversion:1.10 (RLSA-2021:0507)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:0507 advisory. - Subversion's modauthzsvn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends ...
Advisory ROSA-SA-2023-2216
software: subversion 1.14.2 OS: ROSA-CHROME packageevrstring: subversion-1.14.2-1.src.rpm CVE-ID: CVE-2020-17525 BDU-ID: 2022-00306 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the modauthzsvn module of the Subversion centralized version control system is related to incorrect handling of reques...
K53556508: Apache mod_authz_svn vulnerability CVE-2015-3184
Security Advisory Description modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. CVE-2015-3184 Impact There is no...
SUSE CVE-2004-0749
The modauthzsvn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via 1 svn log -v, 2 svn propget, or 3 svn blame, and other commands that follow renames...
SUSE CVE-2015-3184
modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name...
SUSE CVE-2016-2168
The reqcheckaccess function in the modauthzsvn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a crafted header in a 1 MOVE or 2 COPY request, involving an...
Ubuntu 18.04 LTS / 20.04 LTS : Subversion vulnerabilities (USN-5445-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5445-1 advisory. Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cau...
Ubuntu 16.04 ESM : Subversion vulnerability (USN-5322-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5322-1 advisory. Thomas Akesson discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Tenable has...
The vulnerability of the mod_authz_svn module in the centralized Subversion version control system, related to the assignment of a null pointer, allows a violator to trigger a service failure.
The vulnerability of the modauthzsvn module in a centralized Subversion version control system is related to improper handling of requests for non-existent URLs. Exploiting this vulnerability could allow an attacker to cause service interruptions...
EulerOS 2.0 SP9 : subversion (EulerOS-SA-2021-1959)
According to the version of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A null-pointer-dereference flaw was found in modauthzsvn of subversion. This flaw allows a remote, unauthenticated attacker to cause a denial o...
EulerOS 2.0 SP9 : subversion (EulerOS-SA-2021-1938)
According to the version of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A null-pointer-dereference flaw was found in modauthzsvn of subversion. This flaw allows a remote, unauthenticated attacker to cause a denial o...
Debian: Security Advisory (DLA-2646-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2646-1 : subversion security update
One security issue has been discovered in subversion : CVE-2020-17525 : Subversion's modauthzsvn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to...
openSUSE: Security Advisory for subversion (openSUSE-SU-2021:0280-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OESA-2021-1129 subversion security update
Subversion exists to be universally recognized and adopted as an open-source, centralized version control system characterized by its reliability as a safe haven for valuable data; the simplicity of its model and usage; and its ability to support the needs of a wide variety of users and projects,...