Subversion@1.8.13 Security Vulnerabilities and Issues — Subversion@1.8.13 CVE List

Lucene search

ApacheSubversion1.8.13

3 matches found

CVE•added 2015/08/12 2:59 p.m.•177 views

CVE-2015-3184

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.

5CVSS7.6AI score0.21349EPSS

CVE•added 2015/08/12 2:59 p.m.•84 views

CVE-2015-3187

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.

4CVSS7.3AI score0.00593EPSS

CVE•added 2017/10/16 1:29 p.m.•84 views

CVE-2016-8734

Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.

6.5CVSS6.7AI score0.07973EPSS