Lucene search
+L
ApacheSubversion

6 matches found

CVE
CVE
added 2019/09/26 3:55 p.m.495 views

CVE-2018-11782

CVE-2018-11782 affects Subversion's svnserve service. A specially crafted read-only request could cause svnserve to exit/crash, enabling remote denial of service. Public details confirm the issue in Subversion servers prior to versions 1.9.10, 1.10.4, and 1.12.0, with root cause tied to the svnse...

6.5CVSS6.7AI score0.02422EPSS
CVE
CVE
added 2016/05/05 6:0 p.m.158 views

CVE-2016-2167

The vulnerability CVE-2016-2167 affects Apache Subversion: the canonicalize_username function in svnserve/cyrus_auth.c, when Cyrus SASL is used, may allow remote authentication bypass by using a realm string that prefixes the expected repository realm. Affected versions are Subversion 1.8.x befor...

6.8CVSS6.8AI score0.06814EPSS
CVE
CVE
added 2016/05/05 6:0 p.m.158 views

CVE-2016-2168

CVE-2016-2168 affects Apache Subversion’s httpd-based Subversion server, specifically the mod_authz_svn module. The issue arises in the req_check_access path, allowing remote authenticated users to trigger a denial of service (NULL pointer dereference and crash) via a crafted header in a MOVE or ...

6.5CVSS6AI score0.19628EPSS
CVE
CVE
added 2017/10/16 1:0 p.m.115 views

CVE-2016-8734

CVE-2016-8734 affects Apache Subversion’s mod_dontdothat and HTTP(S) clients (versions 1.4.0–1.8.16 and 1.9.0–1.9.4). The root cause is exponential XML entity expansion, leading to denial-of-service via high CPU/memory usage. Multiple advisories confirm impact across distros (Debian, Mageia, Fedo...

6.5CVSS6.7AI score0.0638EPSS
CVE
CVE
added 2011/01/07 6:0 p.m.102 views

CVE-2010-4539

CVE-2010-4539 affects Apache Subversion's mod_dav_svn in versions shipped with Subversion prior to 1.6.15. The vulnerability is caused by a flaw in the walk function (repos.c) when processing SVNParentPath collections, allowing remote authenticated users to trigger a NULL pointer dereference and ...

6.8CVSS6AI score0.05136EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.87 views

CVE-2010-3315

CVE-2010-3315 affects Apache Subversion’s mod_dav_svn: when SVNPathAuthz short_circuit is enabled, authz.c fails to correctly handle a named repository as a rule scope, allowing remote authenticated users to bypass access restrictions via svn commands. Vulnerable products/versions: Apache Subvers...

6CVSS5.9AI score0.04216EPSS