14 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-0248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 moddavsvn and 2 svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service assertion...
MGASA-2025-0058 Updated subversion packages fix security vulnerability
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. CVE-2024-46901...
Updated subversion packages fix security vulnerability
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. CVE-2024-46901...
MGASA-2022-0140 Updated subversion packages fix security vulnerability
SVN authz protected copyfrom paths regression. CVE-2021-28544 Subversion's moddavsvn is vulnerable to memory corruption. CVE-2022-24070...
MGASA-2016-0161 Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerabilities: Daniel Shahaf and James McCoy discovered that an implementation error in the authentication against the Cyrus SASL library would permit a remote user to specify a realm string which is a prefix of the expected realm string and potentially...
MGASA-2015-0490 Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerability: Subversion's httpd servers are vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies CVE-2015-5343. This allows remote attackers with wri...
MGASA-2015-0177 Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerabilities: Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests CVE-2015-0202. Subversion moddavsvn and svnserve are vulnerable to a remotely triggerable assertion D...
Updated subversion packages fix security vulnerabilities
A NULL pointer dereference flaw was found in the way moddavsvn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash moddavsvn CVE-2014-3580. A NULL pointer dereference flaw was found in the way moddavsvn handled URIs for virtual transaction names...
MGASA-2014-0545 Updated subversion packages fix security vulnerabilities
A NULL pointer dereference flaw was found in the way moddavsvn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash moddavsvn CVE-2014-3580. A NULL pointer dereference flaw was found in the way moddavsvn handled URIs for virtual transaction names...
MGASA-2014-0338 Updated subversion packages fix CVE-2014-3528
Updated subversion packages fix security vulnerability: Bert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server CVE-2014-3528. The subversion package has been patched t...
MGASA-2014-0105 Updated subversion packages fix CVE-2014-0032
Updated subversion packages fix security vulnerability: The moddavsvn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via an OPTIONS request CVE-2014-0032. The package has been updated to version 1.8.8, which...
MGASA-2014-0104 Updated subversion packages fix CVE-2014-0032
Updated subversion packages fix security vulnerability: The moddavsvn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via an OPTIONS request CVE-2014-0032. The package has been patched to correct this issue...
Important: Red Hat Security Advisory: : Updated Subversion packages fix security vulnerability in neon
Updated Subversion packages that fix a vulnerability in neon, exploitable by a malicious DAV server, are now available. Subversion is a concurrent version control system that uses inbuilt code from neon, an HTTP and WebDAV client library. Versions of the neon client library up to and including...
[Full-Disclosure] [RHSA-2004:159-01] Updated Subversion packages fix security vulnerability in neon
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated Subversion packages fix security vulnerability in neon Advisory ID: RHSA-2004:159-01 Issue date: 2004-04-15 Updated on: 2004-04-15...