pkg:Debian/subversion
73 total CVEsCRITICAL3HIGH9MEDIUM12
✅ Check your installed version
All known vulnerabilities
- from 0, < 1.8.10-6+deb8u5
- from 0, < 1.9.7-1
- from 0, < 1.6.17dfsg-4+deb7u12
- HIGH8.6CVE-2015-5259Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to…from 0, < 1.9.3-1
- from 0, < 1.9.3-1
- from 0, < 1.8.10-6+deb8u2
- from 0, < 1.14.1-3+deb11u1
- from 0, < 1.14.1-1
- from 0, < 1.9.5-1+deb9u6
- from 0, < 1.10.4-1+deb10u2
- HIGH7.5CVE-2019-0203In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends…from 0, < 1.10.6-1
- HIGH7.5CVE-2018-11803Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer i…from 0, < 1.10.4-1
- from 0, < 1.9.4-1
- from 0, < 1.8.10-6+deb8u4
- from 0, < 1.6.17dfsg-4+deb7u11
- from 0, < 1.10.6-1
- from 0, < 1.9.5-1+deb9u4
- from 0, < 1.8.10-6+deb8u7
- MEDIUM6.5CVE-2016-8734Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-serv…from 0, < 1.9.5-1
- MEDIUM6.5CVE-2016-2168The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 all…from 0, < 1.9.4-1
- MEDIUM4.3CVE-2024-46901Apache Subversion: mod_dav_svn denial-of-service via control characters in pathsfrom 0, < 1.14.1-3+deb11u2
- MEDIUM4.3CVE-2024-46901Apache Subversion: mod_dav_svn denial-of-service via control characters in pathsfrom 0, < 1.14.1-3+deb11u2
- from 0, < 1.14.1-3+deb11u1
- from 0, < 1.10.4-1+deb10u3
- from 0, < 1.6.12dfsg-7+deb6u3
- from 0, < 1.9.0-1
- from 0, < 1.6.17dfsg-4+deb7u10
- from 0, < 1.9.0-1
- —CVE-2015-0251The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:autho…from 0, < 1.8.10-6
- from 0, < 1.8.10-6
- from 0, < 1.6.17dfsg-4+deb7u9
- —CVE-2015-0202The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a l…from 0, < 1.8.10-6
- —CVE-2014-8108The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to caus…from 0, < 1.8.10-5
- from 0, < 1.8.10-5
- from 0, < 1.6.12dfsg-7+deb6u1
- from 0, < 1.6.17dfsg-4+deb7u7
- —CVE-2014-3528Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store c…from 0, < 1.8.10-1
- —CVE-2014-3522The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the…from 0, < 1.8.10-1
- —CVE-2013-7393The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created…from 0, < 1.8.5-1
- —CVE-2013-4262svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain pr…from 0, < 1.8.5-1
- —CVE-2014-0032The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParen…from 0, < 1.8.8-1
- —CVE-2013-4558The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through…from 0, < 1.7.14-1
- —CVE-2013-4505The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to…from 0, < 1.7.14-1
- —CVE-2013-4277Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrar…from 0, < 1.7.13-1
- —CVE-2013-4131The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to c…from 0, < 1.7.13-1
- —CVE-2013-2112The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by abor…from 0, < 1.7.9-1+nmu2
- —CVE-2013-2088contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute…from 0, < 1.7.5-1
- from 0, < 1.6.12dfsg-7
- from 0, < 1.7.9-1+nmu2
- —CVE-2013-1884The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmenta…from 0, < 1.7.9-1
- —CVE-2013-1849The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a de…from 0, < 1.7.9-1
- —CVE-2013-1847The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a de…from 0, < 1.7.9-1
- —CVE-2013-1846The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to c…from 0, < 1.7.9-1
- from 0, < 1.6.12dfsg-7+deb6u2
- from 0, < 1.7.9-1
- —CVE-2011-1921The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz…from 0, < 1.6.17dfsg-1
- —CVE-2011-1783The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz…from 0, < 1.6.17dfsg-1
- from 0, < 1.6.17dfsg-1
- from 0, < 1.6.12dfsg-6
- from 0, < 1.5.1dfsg1-6
- from 0, < 1.6.16dfsg-1
- —CVE-2010-4644Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memor…from 0, < 1.6.12dfsg-3
- —CVE-2010-4539The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allow…from 0, < 1.6.12dfsg-4
- from 0, < 1.6.12dfsg-2
- from 0, < 1.5.1dfsg1-5
- from 0, < 1.6.4dfsg-1
- from 0, < 1.4.2dfsg1-3
- —CVE-2007-2448Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not…from 0, < 1.4.4dfsg1-1
- —CVE-2006-1564Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn d…from 0, < 1.3.0-5
- —CVE-2004-1438The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository,…from 0, < 1.0.6-1
- —CVE-2004-0749The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could…from 0, < 1.0.9-2
- —CVE-2004-0413libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allo…from 0, < 1.0.5-1
- —CVE-2004-0397Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitr…from 0, < 1.0.3-1