Known Vulnerabilities for Subversion by Apache
Listed below are 10 of the newest known vulnerabilities associated with "Subversion" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24070 | Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn ser... | 7.5 - HIGH | 2022-04-12 | 2023-11-07 |
| CVE-2021-28544 | Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hid... | 4.3 - MEDIUM | 2022-04-12 | 2023-02-11 |
| CVE-2020-17525 | Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeA... | 7.5 - HIGH | 2021-03-17 | 2022-01-01 |
| CVE-2019-0203 | In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when ... | 7.5 - HIGH | 2019-09-26 | 2021-07-21 |
| CVE-2018-11803 | Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitial... | 7.5 - HIGH | 2019-02-05 | 2023-11-07 |
| CVE-2018-11782 | In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when ... | 6.5 - MEDIUM | 2019-09-26 | 2019-09-27 |
| CVE-2017-9800 | A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x throu... | 9.8 - CRITICAL | 2017-08-11 | 2023-11-07 |
| CVE-2016-8734 | Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a ... | 6.5 - MEDIUM | 2017-10-16 | 2023-11-07 |
| CVE-2016-2168 | The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x be... | 6.5 - MEDIUM | 2016-05-05 | 2023-11-07 |
| CVE-2016-2167 | The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when C... | 6.8 - MEDIUM | 2016-05-05 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Subversion | m4\/m5 | All | All | All |
| Application | Apache | Subversion | m3 | All | All | All |
| Application | Apache | Subversion | m2 | All | All | All |
| Application | Apache | Subversion | m1 | All | All | All |
| Application | Apache | Subversion | 1.9.6 | All | All | All |
| Application | Apache | Subversion | 1.9.5 | All | All | All |
| Application | Apache | Subversion | 1.9.4 | All | All | All |
| Application | Apache | Subversion | 1.9.3 | All | All | All |
| Application | Apache | Subversion | 1.9.2 | All | All | All |
| Application | Apache | Subversion | 1.9.10 | All | All | All |
| Application | Apache | Subversion | 1.9.1 | All | All | All |
| Application | Apache | Subversion | 1.9.0 | All | All | All |
| Application | Apache | Subversion | 1.8.9 | All | All | All |
| Application | Apache | Subversion | 1.8.8 | All | All | All |
| Application | Apache | Subversion | 1.8.7 | All | All | All |
| Application | Apache | Subversion | 1.8.6 | All | All | All |
| Application | Apache | Subversion | 1.8.5 | All | All | All |
| Application | Apache | Subversion | 1.8.4 | All | All | All |
| Application | Apache | Subversion | 1.8.3 | All | All | All |
| Application | Apache | Subversion | 1.8.2 | All | All | All |