Subversion
by Apache
Source repositories
CVEs (48)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-2112 | 0.00 | — | 0.04 | Jul 31, 2013 | The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection. | |||
| CVE-2013-1968 | 0.00 | — | 0.03 | Jul 31, 2013 | Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name. | |||
| CVE-2013-1845 | 0.00 | — | 0.06 | May 2, 2013 | The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory. | |||
| CVE-2011-1921 | 0.00 | — | 0.06 | Jun 6, 2011 | The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows… | |||
| CVE-2010-4644 | 0.00 | — | 0.04 | Jan 7, 2011 | Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. | |||
| CVE-2010-4539 | 0.00 | — | 0.05 | Jan 7, 2011 | The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking… | |||
| CVE-2010-3315 | 0.00 | — | 0.04 | Oct 4, 2010 | authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote… | |||
| CVE-2004-1438 | 0.00 | — | 0.01 | Dec 31, 2004 | The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command. |
- CVE-2013-2112Jul 31, 2013risk 0.00cvss —epss 0.04
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
- CVE-2013-1968Jul 31, 2013risk 0.00cvss —epss 0.03
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
- CVE-2013-1845May 2, 2013risk 0.00cvss —epss 0.06
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
- CVE-2011-1921Jun 6, 2011risk 0.00cvss —epss 0.06
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows…
- CVE-2010-4644Jan 7, 2011risk 0.00cvss —epss 0.04
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
- CVE-2010-4539Jan 7, 2011risk 0.00cvss —epss 0.05
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking…
- CVE-2010-3315Oct 4, 2010risk 0.00cvss —epss 0.04
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote…
- CVE-2004-1438Dec 31, 2004risk 0.00cvss —epss 0.01
The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
Page 3 of 3