rpm package
almalinux/libserf
pkg:rpm/almalinux/libserf
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-24070 | — | < 1.3.9-9.module_el8.3.0+2053+ac338b6d | 1.3.9-9.module_el8.3.0+2053+ac338b6d | Apr 12, 2022 | Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not | ||
| CVE-2020-17525 | — | < 1.3.9-9.module_el8.3.0+2053+ac338b6d | 1.3.9-9.module_el8.3.0+2053+ac338b6d | Mar 17, 2021 | Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed | ||
| CVE-2019-0203 | — | < 1.3.9-9.module_el8.3.0+2053+ac338b6d | 1.3.9-9.module_el8.3.0+2053+ac338b6d | Sep 26, 2019 | In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server. | ||
| CVE-2018-11782 | — | < 1.3.9-9.module_el8.3.0+2053+ac338b6d | 1.3.9-9.module_el8.3.0+2053+ac338b6d | Sep 26, 2019 | In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server. |
- CVE-2022-24070Apr 12, 2022affected < 1.3.9-9.module_el8.3.0+2053+ac338b6dfixed 1.3.9-9.module_el8.3.0+2053+ac338b6d
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not
- CVE-2020-17525Mar 17, 2021affected < 1.3.9-9.module_el8.3.0+2053+ac338b6dfixed 1.3.9-9.module_el8.3.0+2053+ac338b6d
Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed
- CVE-2019-0203Sep 26, 2019affected < 1.3.9-9.module_el8.3.0+2053+ac338b6dfixed 1.3.9-9.module_el8.3.0+2053+ac338b6d
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
- CVE-2018-11782Sep 26, 2019affected < 1.3.9-9.module_el8.3.0+2053+ac338b6dfixed 1.3.9-9.module_el8.3.0+2053+ac338b6d
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.