Subversion@1.6.14 Security Vulnerabilities and Issues — Subversion@1.6.14 CVE List

Lucene search

ApacheSubversion1.6.14

9 matches found

CVE•added 2013/05/02 2:55 p.m.•75 views

CVE-2013-1846

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.

4CVSS5.9AI score0.01331EPSS

CVE•added 2013/07/31 1:20 p.m.•70 views

CVE-2013-2088

contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.

7.1CVSS7.1AI score0.0503EPSS

CVE•added 2013/05/02 2:55 p.m.•68 views

CVE-2013-1845

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.

2.1CVSS6AI score0.01483EPSS

CVE•added 2013/07/31 1:20 p.m.•68 views

CVE-2013-2112

The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.

7.8CVSS6.2AI score0.03541EPSS

CVE•added 2013/05/02 2:55 p.m.•65 views

CVE-2013-1847

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.

5CVSS6.3AI score0.42898EPSS

CVE•added 2013/05/02 2:55 p.m.•64 views

CVE-2013-1849

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.

4.3CVSS6.3AI score0.14496EPSS

CVE•added 2013/07/31 1:20 p.m.•55 views

CVE-2013-1968

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.

5.5CVSS5.9AI score0.00523EPSS

CVE•added 2013/09/16 7:14 p.m.•54 views

CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.

3.3CVSS6.1AI score0.00231EPSS

CVE•added 2013/12/07 8:55 p.m.•47 views

CVE-2013-4505

The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.

2.6CVSS6.5AI score0.01539EPSS