| CVE-2022-24070 |
AVG-2750 |
High |
Yes |
Unknown |
While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Servers that do not use... |
| CVE-2021-28544 |
AVG-2750 |
Medium |
Unknown |
Information disclosure |
Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been... |
| CVE-2020-17525 |
AVG-1563 |
Medium |
Yes |
Denial of service |
Subversion's mod_authz_svn module in version 1.9.0 up to 1.10.6 and 1.11.0 up to 1.14.0 will crash if the server is using in-repository authz rules with the... |
| CVE-2019-0203 |
AVG-1016 |
High |
Yes |
Denial of service |
A null-pointer-dereference has been found in svnserve that results in a remote unauthenticated Denial-of-Service in some server configurations. The... |
| CVE-2018-11803 |
AVG-858 |
High |
Yes |
Denial of service |
A denial of service has been found in subversion versions prior to 1.11.1, allowing a malicious SVN client to crash a remote server using mod_dav_svn by... |
| CVE-2018-11782 |
AVG-1016 |
Medium |
Yes |
Denial of service |
Subversion svn:// connections, including svn+ssh:// and svn+<custom>://, use a custom network protocol [1] with Lisp-like syntax. The code implementing the... |
| CVE-2017-9800 |
AVG-379 |
Critical |
Yes |
Arbitrary command execution |
A security issue has been found in subversion < 1.9.7. A Subversion client sometimes connects to URLs provided by the repository. This happens in two... |