Lucene search
+L
ApacheSubversion

8 matches found

cve
cve
added 2015/08/12 2:0 p.m.226 views

CVE-2015-3184

CVE-2015-3184 affects Subversion’s mod_authz_svn when used with Apache httpd 2.4.x. The issue is an improper restriction of anonymous access in Subversion 1.7.x (before 1.7.21) and 1.8.x (before 1.8.14), which allows remote anonymous users to read hidden files via the path name. Affected product:...

5CVSS7.6AI score0.10607EPSS
cve
cve
added 2015/04/08 6:0 p.m.139 views

CVE-2015-0248

CVE-2015-0248 affects Subversion (mod_dav_svn and svnserve) versions 1.6.0–1.7.19 and 1.8.0–1.8.11. The issue is an assertion failure DoS triggered by crafted requests with dynamically evaluated revision numbers, potentially crashing the server. Multiple connected advisories confirm this vulnerab...

5CVSS7.9AI score0.12841EPSS
cve
cve
added 2011/06/06 7:0 p.m.123 views

CVE-2011-1752

This CVE affects Subversion 1.6.x prior to 1.6.17, specifically the mod_dav_svn Apache module. The root cause is a NULL pointer dereference when handling baselined WebDAV resource requests, allowing remote attackers to cause a denial of service (daemon crash). The issue is noted as exploited in t...

5CVSS6.2AI score0.08483EPSS
cve
cve
added 2014/12/18 3:0 p.m.104 views

CVE-2014-3580

CVE-2014-3580 affects the mod_dav_svn component of Apache Subversion (1.x) prior to 1.7.19 and 1.8.x prior to 1.8.11. A remote attacker can trigger a NULL pointer dereference via a REPORT request for a non-existent resource , causing a denial of service and server crash. Connected sources documen...

5CVSS8.7AI score0.1067EPSS
cve
cve
added 2014/12/18 3:0 p.m.93 views

CVE-2014-8108

The CVE-2014-8108 issue affects the Apache Subversion mod_dav_svn module. According to connected docs, Subversion 1.7.x is vulnerable before 1.7.19 and 1.8.x is vulnerable before 1.8.11, where a remote attacker can trigger a NULL pointer dereference by requesting a URI that causes a lookup for a ...

5CVSS8.7AI score0.09692EPSS
cve
cve
added 2013/07/31 10:0 a.m.87 views

CVE-2013-1968

CVE-2013-1968 affects Subversion with FSFS repositories, where a newline in a filename can be exploited to corrupt the repository and cause denial of service. Public reports from multiple vendors describe vulnerable ranges as Subversion releases before 1.6.23 and 1.7.x before 1.7.10. Connected ad...

5.5CVSS5.9AI score0.02814EPSS
cve
cve
added 2013/05/02 2:0 p.m.84 views

CVE-2013-1847

CVE-2013-1847 is a denial-of-service in Subversion via the mod_dav_svn Apache HTTPD module. The issue occurs when an anonymous LOCK is issued for a URL that does not exist, triggering crashes (NULL pointer dereference) in vulnerable Subversion versions. Affected are Subversion mod_dav_svn on Apac...

5CVSS6.3AI score0.51442EPSS
cve
cve
added 2013/05/02 2:0 p.m.69 views

CVE-2013-1884

CVE-2013-1884 affects Subversion's mod_dav_svn for Apache httpd. In Subversion 1.7.0–1.7.8, a log REPORT request with an invalid limit can trigger an access of an uninitialized variable, causing a denial of service (segmentation fault/crash). Exploitation context: remote attacker via HTTP. The re...

5CVSS6.3AI score0.50538EPSS