14 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-0248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 moddavsvn and 2 svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service assertion...
Updated subversion packages fix security vulnerability
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. CVE-2024-46901...
MGASA-2025-0058 Updated subversion packages fix security vulnerability
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. CVE-2024-46901...
MGASA-2022-0140 Updated subversion packages fix security vulnerability
SVN authz protected copyfrom paths regression. CVE-2021-28544 Subversion's moddavsvn is vulnerable to memory corruption. CVE-2022-24070...
MGASA-2016-0161 Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerabilities: Daniel Shahaf and James McCoy discovered that an implementation error in the authentication against the Cyrus SASL library would permit a remote user to specify a realm string which is a prefix of the expected realm string and potentially...
MGASA-2015-0490 Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerability: Subversion's httpd servers are vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies CVE-2015-5343. This allows remote attackers with wri...
MGASA-2015-0177 Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerabilities: Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests CVE-2015-0202. Subversion moddavsvn and svnserve are vulnerable to a remotely triggerable assertion D...
Updated subversion packages fix security vulnerabilities
A NULL pointer dereference flaw was found in the way moddavsvn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash moddavsvn CVE-2014-3580. A NULL pointer dereference flaw was found in the way moddavsvn handled URIs for virtual transaction names...
MGASA-2014-0545 Updated subversion packages fix security vulnerabilities
A NULL pointer dereference flaw was found in the way moddavsvn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash moddavsvn CVE-2014-3580. A NULL pointer dereference flaw was found in the way moddavsvn handled URIs for virtual transaction names...
MGASA-2014-0338 Updated subversion packages fix CVE-2014-3528
Updated subversion packages fix security vulnerability: Bert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server CVE-2014-3528. The subversion package has been patched t...
MGASA-2014-0105 Updated subversion packages fix CVE-2014-0032
Updated subversion packages fix security vulnerability: The moddavsvn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via an OPTIONS request CVE-2014-0032. The package has been updated to version 1.8.8, which...
MGASA-2014-0104 Updated subversion packages fix CVE-2014-0032
Updated subversion packages fix security vulnerability: The moddavsvn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via an OPTIONS request CVE-2014-0032. The package has been patched to correct this issue...
Important: Red Hat Security Advisory: : Updated Subversion packages fix security vulnerability in neon
Updated Subversion packages that fix a vulnerability in neon, exploitable by a malicious DAV server, are now available. Subversion is a concurrent version control system that uses inbuilt code from neon, an HTTP and WebDAV client library. Versions of the neon client library up to and including...
[Full-Disclosure] [RHSA-2004:159-01] Updated Subversion packages fix security vulnerability in neon
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated Subversion packages fix security vulnerability in neon Advisory ID: RHSA-2004:159-01 Issue date: 2004-04-15 Updated on: 2004-04-15...