Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache subversion 1.8.1 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2013-4262
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py...
Apache Subversion 1.8.0Apache Subversion 1.8.1Apache Subversion 1.8.2
8.8
CVSSv3
CVE-2013-4246
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties....
Apache Subversion 1.8.0Apache Subversion 1.8.1
NA
CVE-2015-3187
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a...
Apache Subversion 1.8.1Apache Subversion 1.8.2Apache Subversion 1.8.3Apache Subversion 1.8.10Apache Subversion 1.8.11Apache SubversionApache Subversion 1.8.8Apache Subversion 1.8.9Apache Subversion 1.8.6Apache Subversion 1.8.7Apache Subversion 1.8.4Apache Subversion 1.8.5Apache Subversion 1.8.13Apple Xcode
NA
CVE-2013-7393
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on...
Apache Subversion 1.8.0Apache Subversion 1.8.1
NA
CVE-2013-4558
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service (assertion...
Apache Subversion 1.8.3Apache Subversion 1.8.4Apache Subversion 1.7.13Apache Mod Dav Svn -Apache Subversion 1.7.11Apache Subversion 1.7.12Apache Subversion 1.8.1Apache Subversion 1.8.2
NA
CVE-2014-0032
The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods...
Apache Subversion 1.8.1Apache Subversion 1.8.2Apache Subversion 1.8.5Apache Subversion 1.8.0Apache Subversion 1.8.3Apache Subversion 1.8.4Apache Subversion 1.7.10Apache Subversion 1.7.11Apache Subversion 1.7.6Apache Subversion 1.7.7Apache SubversionApache Subversion 1.7.2Apache Subversion 1.7.3Apache Subversion 1.7.0Apache Subversion 1.7.1Apache Subversion 1.7.4Apache Subversion 1.7.5Apache Subversion 1.7.12Apache Subversion 1.7.13Apache Subversion 1.7.8Apache Subversion 1.7.9
NA
CVE-2015-0202
The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes....
Apache Subversion 1.8.0Apache Subversion 1.8.8Apache Subversion 1.8.9Apache Subversion 1.8.3Apache Subversion 1.8.4Apache Subversion 1.8.5Apache Subversion 1.8.1Apache Subversion 1.8.2Apache Subversion 1.8.10Apache Subversion 1.8.11Apache Subversion 1.8.6Apache Subversion 1.8.7Opensuse Opensuse 13.1Opensuse Opensuse 13.2
NA
CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request....
Apache Mod Dontdothat -Apache Subversion 1.8.1Apache Subversion 1.4.0Apache Subversion 1.5.0Apache Subversion 1.5.1Apache Subversion 1.5.8Apache Subversion 1.6.0Apache Subversion 1.6.16Apache Subversion 1.6.17Apache Subversion 1.6.3Apache Subversion 1.6.4Apache Subversion 1.7.1Apache Subversion 1.7.10Apache Subversion 1.4.5Apache Subversion 1.4.6Apache Subversion 1.5.6Apache Subversion 1.5.7Apache Subversion 1.6.14Apache Subversion 1.6.15Apache Subversion 1.6.21Apache Subversion 1.6.23Apache Subversion 1.6.9Apache Subversion 1.7.0Apache Subversion 1.7.5Apache Subversion 1.7.6Apache Subversion 1.4.1Apache Subversion 1.4.2Apache Subversion 1.5.2Apache Subversion 1.5.3Apache Subversion 1.6.1Apache Subversion 1.6.10Apache Subversion 1.6.18Apache Subversion 1.6.19Apache Subversion 1.6.5Apache Subversion 1.6.6Apache Subversion 1.7.11Apache Subversion 1.7.12Apache Subversion 1.7.2Apache Subversion 1.7.9Apache Subversion 1.7.7Apache Subversion 1.7.8Apache Subversion 1.4.3Apache Subversion 1.4.4Apache Subversion 1.5.4Apache Subversion 1.5.5Apache Subversion 1.6.11Apache Subversion 1.6.12Apache Subversion 1.6.13Apache Subversion 1.6.2Apache Subversion 1.6.20Apache Subversion 1.6.7Apache Subversion 1.6.8Apache Subversion 1.7.3Apache Subversion 1.7.4
NA
CVE-2015-3184
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name....
Apple XcodeApache Subversion 1.7.7Apache Subversion 1.7.6Apache Subversion 1.7.17Apache Subversion 1.7.16Apache Subversion 1.7.0Apache Subversion 1.7.20Apache Subversion 1.8.3Apache Subversion 1.8.2Apache Subversion 1.7.9Apache Subversion 1.7.8Apache Subversion 1.7.19Apache Subversion 1.7.18Apache Subversion 1.7.11Apache Subversion 1.7.10Apache Subversion 1.7.1Apache Subversion 1.8.5Apache Subversion 1.8.4Apache Subversion 1.8.1Apache Subversion 1.7.5Apache Subversion 1.7.4Apache Subversion 1.7.15Apache Subversion 1.7.14Apache Subversion 1.8.9Apache Subversion 1.8.8Apache Subversion 1.8.0Apache Subversion 1.8.11Apache Subversion 1.7.3Apache Subversion 1.7.2Apache Subversion 1.7.13Apache Subversion 1.7.12Apache Subversion 1.8.7Apache Subversion 1.8.6Apache Subversion 1.8.13Apache Subversion 1.8.10
6.5
CVSSv3
CVE-2016-8734
Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU...
Apache Subversion 1.5.2Apache Subversion 1.5.3Apache Subversion 1.5.4Apache Subversion 1.5.5Apache Subversion 1.5.6Apache Subversion 1.6.10Apache Subversion 1.6.11Apache Subversion 1.6.12Apache Subversion 1.6.13Apache Subversion 1.7.4Apache Subversion 1.7.5Apache Subversion 1.7.6Apache Subversion 1.7.7Apache Subversion 1.8.0Apache Subversion 1.8.1Apache Subversion 1.8.2Apache Subversion 1.8.3Apache Subversion 1.8.16Apache Subversion 1.9.0Apache Subversion 1.9.1Apache Subversion 1.9.2Apache Subversion 1.4.6Apache Subversion 1.5.1Apache Subversion 1.5.8Apache Subversion 1.6.1Apache Subversion 1.6.6Apache Subversion 1.6.8Apache Subversion 1.6.15Apache Subversion 1.6.17Apache Subversion 1.7.1Apache Subversion 1.7.3Apache Subversion 1.7.8Apache Subversion 1.7.10Apache Subversion 1.7.17Apache Subversion 1.7.19Apache Subversion 1.8.5Apache Subversion 1.8.7Apache Subversion 1.8.12Apache Subversion 1.8.14Apache Subversion 1.9.4Apache Subversion 1.4.1Apache Subversion 1.4.2Apache Subversion 1.4.3Apache Subversion 1.4.4Apache Subversion 1.6.2Apache Subversion 1.6.3Apache Subversion 1.6.4Apache Subversion 1.6.5Apache Subversion 1.6.18Apache Subversion 1.6.19Apache Subversion 1.6.20Apache Subversion 1.6.21Apache Subversion 1.6.23Apache Subversion 1.7.12Apache Subversion 1.7.13Apache Subversion 1.7.14Apache Subversion 1.7.15Apache Subversion 1.8.8Apache Subversion 1.8.9Apache Subversion 1.8.10Apache Subversion 1.8.11Apache Subversion 1.4.0Apache Subversion 1.4.5Apache Subversion 1.5.0Apache Subversion 1.5.7Apache Subversion 1.6.0Apache Subversion 1.6.7Apache Subversion 1.6.9Apache Subversion 1.6.14Apache Subversion 1.6.16Apache Subversion 1.7.0Apache Subversion 1.7.2Apache Subversion 1.7.9Apache Subversion 1.7.11Apache Subversion 1.7.16Apache Subversion 1.7.18Apache Subversion 1.7.20Apache Subversion 1.8.4Apache Subversion 1.8.6Apache Subversion 1.8.13Apache Subversion 1.8.15Apache Subversion 1.9.3Debian Debian Linux 8.0Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remoteCVE-2022-47986CVE-2023-20963CVE-2023-1013CVE-2022-43628CVE-2023-1014log injectionCVE-2022-43639SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook