VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Aug 12, 2015· Updated May 6, 2026

CVE-2015-3184

CVE-2015-3184

Description

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.

Affected products

35
  • Apple Inc./Xcode
    cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
    Range: <=7.2.1
  • Apache/Subversion34 versions
    cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*+ 33 more
    • cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.18:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.19:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.7.20:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.11:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:subversion:1.8.13:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

10

News mentions

0

No linked articles in our index yet.