CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000085
https://notcve.org/view.php?id=CVE-2017-1000085
04 Oct 2017 — Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to... • http://www.securityfocus.com/bid/99574 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 67%CPEs: 12EXPL: 0CVE-2017-9800 – subversion: Command injection through clients via malicious svn+ssh URLs
https://notcve.org/view.php?id=CVE-2017-9800
10 Aug 2017 — A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. Una URL creada con fines maliciosos svn+s... • http://packetstormsecurity.com/files/143722/Apache-Subversion-Arbitrary-Code-Execution.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 8%CPEs: 84EXPL: 0CVE-2016-8734 – Debian Security Advisory 3932-1
https://notcve.org/view.php?id=CVE-2016-8734
10 Aug 2017 — Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory. El módulo mod_dontdothat y los clientes HTTP en su versión 1.4.0 hasta la 1.8.16 y 1.9.0 hasta la 1.9.4 de Apache Subversion son vulnerables a un ataque de denegación de servicio (DoS) provocado por la expansión expon... • http://www.debian.org/security/2017/dsa-3932 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 12%CPEs: 5EXPL: 0CVE-2016-2168 – Ubuntu Security Notice USN-3388-2
https://notcve.org/view.php?id=CVE-2016-2168
29 Apr 2016 — The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. La función req_check_access en el módulo mod_authz_svn en el servidor httpd en Apache Subversion en versiones anteriores a 1.8.16 y 1.9.x en versiones anteriores a 1.9.4 permite a usuari... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2016-2167 – Ubuntu Security Notice USN-3388-2
https://notcve.org/view.php?id=CVE-2016-2167
29 Apr 2016 — The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. La función canonicalize_username en svnserve/cyrus_auth.c en Apache Subversion en versiones anteriores a 1.8.16 y 1.9.x en versiones anteriores a 1.9.4, cuando se utiliza autenticación Cyrus SASL, ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 16%CPEs: 3EXPL: 0CVE-2015-5259 – Gentoo Linux Security Advisory 201610-05
https://notcve.org/view.php?id=CVE-2015-5259
08 Jan 2016 — Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read. Desbordamiento de entero en la función read_string en libsvn_ra_svn/marshal.c en Apache Subversion 1.9.x en versiones anteriores a 1.9.3 permite a atacantes remotos ejecutar código arbitrario a través de una cadena del protocolo svn://, lo que dese... • http://subversion.apache.org/security/CVE-2015-5259-advisory.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 8.0EPSS: 10%CPEs: 4EXPL: 0CVE-2015-5343 – Slackware Security Advisory - subversion Updates
https://notcve.org/view.php?id=CVE-2015-5343
17 Dec 2015 — Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow. Desbordamiento de entero en util.c en mod_dav_svn en Apache Subversion 1.7.x, 1.8.x en versiones anteriores a 1.8.15 y 1.9.x en versiones anteriores ... • http://subversion.apache.org/security/CVE-2015-5343-advisory.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 25%CPEs: 46EXPL: 0CVE-2015-3184 – subversion: Mixed anonymous/authenticated path-based authz with httpd 2.4
https://notcve.org/view.php?id=CVE-2015-3184
12 Aug 2015 — mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Vulnerabilidad en mod_authz_svn en Apache Subversion 1.7.x en versiones anteriores a 1.7.21 y 1.8.x en versiones anteriores a 1.8.14, al utilizar Apache httpd 2.4.x, no restringe correctamente el acceso anónimo, lo que permite a usuarios anónimos remotos leer archivos ocultos a t... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2015-3187 – subversion: svn_repos_trace_node_locations() reveals paths hidden by authz
https://notcve.org/view.php?id=CVE-2015-3187
12 Aug 2015 — The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Vulnerabilidad en la función svn_repos_trace_node_locations en Apache Subversion en versiones anteriores a 1.7.21 y 1.8.x en versiones anteriores a 1.8.14, cuando se utiliza autorización basada en ruta, permite a usuarios rem... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 2%CPEs: 14EXPL: 0CVE-2015-0202 – Gentoo Linux Security Advisory 201610-05
https://notcve.org/view.php?id=CVE-2015-0202
03 Apr 2015 — The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes. El servidor mod_dav_svn en Subversion 1.8.0 hasta 1.8.11 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un número grande de solicitudes REPORT, lo que provoca el salto de nodos del repositorio FSFS. It was discovered that the Subversion mo... • http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html • CWE-399: Resource Management Errors •