Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34148
Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...
NA
CVE-2024-28158
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions allows malicious users to trigger a build.
NA
CVE-2024-28159
A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions allows attackers with Item/Read permission to trigger a build.
NA
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions before 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a Subversion re...
Viewvc Viewvc
NA
CVE-2023-22456
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions before 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a S...
Viewvc Viewvc
NA
CVE-2022-42969
The py library up to and including 1.11.0 for Python allows remote malicious users to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed ...
Pytest Py
1 Github repository
3.5
CVSSv2
CVE-2022-29046
Jenkins Subversion Plugin 2.15.3 and previous versions does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configur...
Jenkins Subversion
Apple Macos
4.3
CVSSv2
CVE-2022-29048
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Subversion
Apple Macos
3.5
CVSSv2
CVE-2021-28544
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to t...
Apache Subversion
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Apple Macos
5
CVSSv2
CVE-2022-24070
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 up to and including 1.14.1 (inclusive). Se...
Apache Subversion
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Apple Macos
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »