Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache subversion 1.8.0 vulnerabilities and exploits

(subscribe to this query)

2.4
CVSSv2
CVE-2013-4262
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py...
Apache Subversion 1.8.0Apache Subversion 1.8.1Apache Subversion 1.8.2
6.5
CVSSv2
CVE-2013-4246
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties....
Apache Subversion 1.8.0Apache Subversion 1.8.1
2.4
CVSSv2
CVE-2013-7393
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on...
Apache Subversion 1.8.0Apache Subversion 1.8.1
4
CVSSv2
CVE-2013-4131
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a...
Apache Subversion 1.7.1Apache Subversion 1.7.2Apache Subversion 1.7.10Apache Subversion 1.8.0Apache Subversion 1.7.3Apache Subversion 1.7.4Apache Subversion 1.7.5Apache Subversion 1.7.6Apache Subversion 1.7.0Apache Subversion 1.7.7Apache Subversion 1.7.8Apache Subversion 1.7.9
4.3
CVSSv2
CVE-2014-0032
The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods...
Apache Subversion 1.8.1Apache Subversion 1.8.2Apache Subversion 1.8.5Apache Subversion 1.8.0Apache Subversion 1.8.3Apache Subversion 1.8.4Apache Subversion 1.7.10Apache Subversion 1.7.11Apache Subversion 1.7.6Apache Subversion 1.7.7Apache SubversionApache Subversion 1.7.2Apache Subversion 1.7.3Apache Subversion 1.7.0Apache Subversion 1.7.1Apache Subversion 1.7.4Apache Subversion 1.7.5Apache Subversion 1.7.12Apache Subversion 1.7.9Apache Subversion 1.7.13Apache Subversion 1.7.8
7.8
CVSSv2
CVE-2015-0202
The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes....
Apache Subversion 1.8.0Apache Subversion 1.8.8Apache Subversion 1.8.9Apache Subversion 1.8.3Apache Subversion 1.8.4Apache Subversion 1.8.5Apache Subversion 1.8.1Apache Subversion 1.8.2Apache Subversion 1.8.10Apache Subversion 1.8.11Apache Subversion 1.8.6Apache Subversion 1.8.7Opensuse Opensuse 13.1Opensuse Opensuse 13.2
5
CVSSv2
CVE-2015-3184
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name....
Apple XcodeApache Subversion 1.7.7Apache Subversion 1.7.6Apache Subversion 1.7.17Apache Subversion 1.7.16Apache Subversion 1.7.0Apache Subversion 1.7.20Apache Subversion 1.8.3Apache Subversion 1.8.2Apache Subversion 1.7.9Apache Subversion 1.7.8Apache Subversion 1.7.19Apache Subversion 1.7.18Apache Subversion 1.7.11Apache Subversion 1.7.10Apache Subversion 1.7.1Apache Subversion 1.8.5Apache Subversion 1.8.4Apache Subversion 1.8.1Apache Subversion 1.7.5Apache Subversion 1.7.4Apache Subversion 1.7.15Apache Subversion 1.7.14Apache Subversion 1.8.9Apache Subversion 1.8.8Apache Subversion 1.8.0Apache Subversion 1.8.11Apache Subversion 1.7.3Apache Subversion 1.7.2Apache Subversion 1.7.13Apache Subversion 1.7.12Apache Subversion 1.8.7Apache Subversion 1.8.6Apache Subversion 1.8.13Apache Subversion 1.8.10
4
CVSSv2
CVE-2015-0251
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences....
Apache Subversion 1.7.4Apache Subversion 1.7.3Apache Subversion 1.7.14Apache Subversion 1.7.13Apache Subversion 1.6.7Apache Subversion 1.6.6Apache Subversion 1.6.2Apache Subversion 1.6.19Apache Subversion 1.6.12Apache Subversion 1.6.11Apache Subversion 1.5.4Apache Subversion 1.5.3Apache Subversion 1.8.4Apache Subversion 1.8.5Apache Subversion 1.7.8Apache Subversion 1.7.7Apache Subversion 1.7.18Apache Subversion 1.7.17Apache Subversion 1.7.10Apache Subversion 1.7.1Apache Subversion 1.6.3Apache Subversion 1.6.23Apache Subversion 1.6.16Apache Subversion 1.6.15Apache Subversion 1.6.0Apache Subversion 1.5.8Apache Subversion 1.8.0Apache Subversion 1.8.1Apache Subversion 1.8.8Apache Subversion 1.8.9Apache Subversion 1.5.0Apache Subversion 1.7.9Apache Subversion 1.7.2Apache Subversion 1.7.19Apache Subversion 1.7.12Apache Subversion 1.7.11Apache Subversion 1.6.5Apache Subversion 1.6.4Apache Subversion 1.6.18Apache Subversion 1.6.17Apache Subversion 1.6.10Apache Subversion 1.6.1Apache Subversion 1.5.2Apache Subversion 1.5.1Apache Subversion 1.8.6Apache Subversion 1.8.7Apache Subversion 1.7.6Apache Subversion 1.7.5Apache Subversion 1.7.16Apache Subversion 1.7.15Apache Subversion 1.7.0Apache Subversion 1.6.9Apache Subversion 1.6.8Apache Subversion 1.6.21Apache Subversion 1.6.20Apache Subversion 1.6.14Apache Subversion 1.6.13Apache Subversion 1.5.7Apache Subversion 1.5.6Apache Subversion 1.5.5Apache Subversion 1.8.2Apache Subversion 1.8.3Apache Subversion 1.8.10Apache Subversion 1.8.11Opensuse Opensuse 13.2Opensuse Opensuse 13.1Redhat Enterprise Linux Server Eus 6.7.zRedhat Enterprise Linux Workstation 6.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Hpc Node 6.0Redhat Enterprise Linux Desktop 6.0Oracle Solaris 11.3Apple Xcode 7.0
2.6
CVSSv2
CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request....
Apache Mod Dontdothat -Apache Subversion 1.8.1Apache Subversion 1.4.0Apache Subversion 1.5.0Apache Subversion 1.5.1Apache Subversion 1.5.8Apache Subversion 1.6.0Apache Subversion 1.6.16Apache Subversion 1.6.17Apache Subversion 1.6.3Apache Subversion 1.6.4Apache Subversion 1.7.1Apache Subversion 1.7.10Apache Subversion 1.6.10Apache Subversion 1.6.19Apache Subversion 1.4.5Apache Subversion 1.4.2Apache Subversion 1.7.11Apache Subversion 1.6.18Apache Subversion 1.6.21Apache Subversion 1.6.5Apache Subversion 1.7.6Apache Subversion 1.5.3Apache Subversion 1.5.7Apache Subversion 1.4.6Apache Subversion 1.7.12Apache Subversion 1.5.2Apache Subversion 1.6.1Apache Subversion 1.6.23Apache Subversion 1.6.15Apache Subversion 1.7.5Apache Subversion 1.6.14Apache Subversion 1.5.6Apache Subversion 1.6.6Apache Subversion 1.6.9Apache Subversion 1.4.1Apache Subversion 1.7.0Apache Subversion 1.7.3Apache Subversion 1.6.20Apache Subversion 1.6.2Apache Subversion 1.5.5Apache Subversion 1.7.4Apache Subversion 1.4.4Apache Subversion 1.7.9Apache Subversion 1.6.8Apache Subversion 1.6.13Apache Subversion 1.7.7Apache Subversion 1.6.7Apache Subversion 1.6.12Apache Subversion 1.7.2Apache Subversion 1.7.8Apache Subversion 1.4.3Apache Subversion 1.5.4Apache Subversion 1.6.11
4
CVSSv2
CVE-2016-8734
Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU...
Apache Subversion 1.5.2Apache Subversion 1.5.3Apache Subversion 1.5.4Apache Subversion 1.5.5Apache Subversion 1.5.6Apache Subversion 1.6.10Apache Subversion 1.6.11Apache Subversion 1.6.12Apache Subversion 1.6.13Apache Subversion 1.7.4Apache Subversion 1.7.5Apache Subversion 1.7.6Apache Subversion 1.7.7Apache Subversion 1.8.0Apache Subversion 1.8.1Apache Subversion 1.8.2Apache Subversion 1.8.3Apache Subversion 1.8.16Apache Subversion 1.9.0Apache Subversion 1.9.1Apache Subversion 1.9.2Apache Subversion 1.4.6Apache Subversion 1.5.1Apache Subversion 1.5.8Apache Subversion 1.6.1Apache Subversion 1.6.6Apache Subversion 1.6.8Apache Subversion 1.6.15Apache Subversion 1.6.17Apache Subversion 1.7.1Apache Subversion 1.7.3Apache Subversion 1.7.8Apache Subversion 1.7.10Apache Subversion 1.7.17Apache Subversion 1.7.19Apache Subversion 1.8.5Apache Subversion 1.8.7Apache Subversion 1.8.12Apache Subversion 1.8.14Apache Subversion 1.9.4Apache Subversion 1.4.1Apache Subversion 1.4.2Apache Subversion 1.4.3Apache Subversion 1.4.4Apache Subversion 1.6.2Apache Subversion 1.6.3Apache Subversion 1.6.4Apache Subversion 1.6.5Apache Subversion 1.6.18Apache Subversion 1.6.19Apache Subversion 1.6.20Apache Subversion 1.6.21Apache Subversion 1.6.23Apache Subversion 1.7.12Apache Subversion 1.7.13Apache Subversion 1.7.14Apache Subversion 1.7.15Apache Subversion 1.8.8Apache Subversion 1.8.9Apache Subversion 1.8.10Apache Subversion 1.8.11Apache Subversion 1.4.0Apache Subversion 1.4.5Apache Subversion 1.5.0Apache Subversion 1.5.7Apache Subversion 1.6.0Apache Subversion 1.6.7Apache Subversion 1.6.9Apache Subversion 1.6.14Apache Subversion 1.6.16Apache Subversion 1.7.0Apache Subversion 1.7.2Apache Subversion 1.7.9Apache Subversion 1.7.11Apache Subversion 1.7.16Apache Subversion 1.7.18Apache Subversion 1.7.20Apache Subversion 1.8.4Apache Subversion 1.8.6Apache Subversion 1.8.13Apache Subversion 1.8.15Apache Subversion 1.9.3Debian Debian Linux 8.0Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-23418CVE-2021-36934CVE-2021-32796remoteCVE-2021-37743file uploadCVE-2020-10590log injectionCVE-2021-3490
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook