CVE-2020-17525

Published: 17/03/2021 Updated: 01/01/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

A null-pointer-dereference flaw was found in mod_authz_svn of subversion. This flaw allows a remote, unauthenticated malicious user to cause a denial of service in some server configurations. The highest threat from this vulnerability is to system availability. (CVE-2020-17525)

Vulnerable Product

apache subversion

debian debian linux 9.0

Vendor Advisories

Debian Bug report logs - #982464 subversion: CVE-2020-17525: Remote unauthenticated denial-of-service in Subversion mod_authz_svn Package: src:subversion; Maintainer for src:subversion is James McCoy <jamessan@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 10 Feb 2021 14:39:02 UTC Sever ...
Several security issues were fixed in subversion ...
Synopsis: Important: subversion:1.10 security update. Type/Severity: Security Advisory: Important. Topic: An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A C ...
Synopsis: Important: subversion:1.10 security update. Type/Severity: Security Advisory: Important. Topic: An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A C ...
Synopsis: Important: subversion:1.10 security update. Type/Severity: Security Advisory: Important. Topic: An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin ...
Thomas Akesson discovered a remotely triggerable vulnerability in the mod_authz_svn module in Subversion, a version control system. When using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option, an unauthenticated remote client can take advantage of this flaw to cause a denial of service by sending a request for a non-existing ...
A null-pointer-dereference flaw was found in mod_authz_svn of subversion. This flaw allows a remote, unauthenticated attacker to cause a denial of service in some server configurations. The highest threat from this vulnerability is to system availability. (CVE-2020-17525) ...
Subversion's mod_authz_svn module in version 1.9.0 up to 1.10.6 and 1.11.0 up to 1.14.0 will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL ...

Mailing Lists

oss-sec mailing list archives: [SECURITY][ANNOUNCE] Apache Subversion 1.14.1 released From: Stefan Spe ...