Vulnerabilities > Apache > Subversion > 1.9.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-17 | CVE-2020-17525 | NULL Pointer Dereference vulnerability in multiple products Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. | 4.3 |
2019-09-26 | CVE-2019-0203 | Improper Input Validation vulnerability in Apache Subversion In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. | 5.0 |
2019-09-26 | CVE-2018-11782 | Improper Input Validation vulnerability in Apache Subversion In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. | 4.0 |
2017-10-16 | CVE-2016-8734 | Resource Exhaustion vulnerability in multiple products Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. | 6.5 |
2017-08-11 | CVE-2017-9800 | Improper Input Validation vulnerability in Apache Subversion A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. | 9.8 |