3 matches found
CVE-2017-9800
CVE-2017-9800 : A malicious svn+ssh URL could cause Subversion clients to execute an arbitrary shell command. Affected are Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3. The issue arises from improper handling/input validation of svn+ssh URLs, and a mali...
CVE-2016-8734
CVE-2016-8734 affects Apache Subversion’s mod_dontdothat and HTTP(S) clients (versions 1.4.0–1.8.16 and 1.9.0–1.9.4). The root cause is exponential XML entity expansion, leading to denial-of-service via high CPU/memory usage. Multiple advisories confirm impact across distros (Debian, Mageia, Fedo...
CVE-2013-4246
CVE-2013-4246 affects Apache Subversion 1.8.x prior to 1.8.2. The vulnerability resides in libsvn_fs_fs/fs_fs.c, which could allow remote authenticated users with commit access to corrupt FSFS repositories and trigger a denial of service or disclose sensitive information by editing packed revisio...