Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion subversion vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-2111
Jenkins Subversion Plugin 2.13.0 and previous versions does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.
Jenkins Subversion
5.3
CVSSv3
CVE-2018-1000111
An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and previous versions in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users.
Jenkins Subversion
4.3
CVSSv3
CVE-2022-29048
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Subversion
Apple Macos
4.3
CVSSv3
CVE-2021-28544
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to t...
Apache Subversion
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Apple Macos
NA
CVE-2024-34148
Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...
NA
CVE-2024-28158
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions allows malicious users to trigger a build.
NA
CVE-2024-28159
A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions allows attackers with Item/Read permission to trigger a build.
NA
CVE-2015-0202
The mod_dav_svn server in Subversion 1.8.0 up to and including 1.8.11 allows remote malicious users to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
Apache Subversion 1.8.0
Apache Subversion 1.8.8
Apache Subversion 1.8.9
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.8.5
Apache Subversion 1.8.1
Apache Subversion 1.8.2
Apache Subversion 1.8.10
Apache Subversion 1.8.11
Apache Subversion 1.8.6
Apache Subversion 1.8.7
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2013-6892
WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit.
Websvn Websvn 2.3.3
Debian Debian Linux 7.0
NA
CVE-2014-3504
The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 up to and including 1.3.x prior to 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, w...
Apache Subversion 1.6.10
Apache Subversion 1.6.19
Apache Subversion 1.8.2
Apache Subversion 1.4.5
Apache Subversion 1.7.3
Apache Subversion 1.6.20
Apache Subversion 1.7.17
Apache Subversion 1.8.0
Apache Subversion 1.4.2
Apache Subversion 1.6.2
Apache Subversion 1.7.1
Apache Subversion 1.7.11
Apache Subversion 1.7.16
Apache Subversion 1.6.18
Apache Subversion 1.6.16
Apache Subversion 1.5.5
Apache Subversion 1.7.4
Apache Subversion 1.6.21
Apache Subversion 1.6.5
Apache Subversion 1.7.6
Apache Subversion 1.5.3
Apache Subversion 1.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »