3 matches found
RHEL 5 : subversion (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - Svnserve in Apac...
Amazon Linux AMI : subversion / mod_dav_svn (ALAS-2017-883)
Command injection through clients via malicious svn+ssh URLs A shell command injection flaw related to the handling of 'svn+ssh' URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for...
Apache Subversion Arbitrary Code Execution Vulnerability
Apache Subversion has released version 1.9.7 which addresses an arbitrary code execution vulnerability. I'm happy to announce the release of Apache Subversion 1.9.7. Please choose the mirror closest to you by visiting: http://subversion.apache.org/download.cgi?update=201708081800recommended-relea...