VYPR

rpm package

suse/subversion&distro=SUSE Linux Enterprise Software Development Kit 12 SP1

pkg:rpm/suse/subversion&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Vulnerabilities (3)

  • CVE-2016-2168MedMay 5, 2016
    affected < 1.8.10-21.1fixed 1.8.10-21.1

    The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) CO

  • CVE-2016-2167MedMay 5, 2016
    affected < 1.8.10-21.1fixed 1.8.10-21.1

    The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an

  • CVE-2015-5343HigApr 14, 2016
    affected < 1.8.10-18.2fixed 1.8.10-18.2

    Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded