Unrated severityNVD Advisory· Published Jun 14, 2007· Updated Apr 23, 2026

CVE-2007-2448

Description

Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.

Affected products

Subversion/Subversion
cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*
Range: <=1.4.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdPatch
www.securityfocus.com/bid/24463nvdPatch
osvdb.org/36070nvd
secunia.com/advisories/43139nvd
subversion.tigris.org/security/CVE-2007-2448-advisory.txtnvd
www.ubuntu.com/usn/USN-1053-1nvd
www.vupen.com/english/advisories/2007/2230nvd
www.vupen.com/english/advisories/2011/0264nvd
issues.rpath.com/browse/RPL-1896nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000