Vulnerabilities > Apache > Subversion > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-12 CVE-2022-24070 Use After Free vulnerability in multiple products
Subversion's mod_dav_svn is vulnerable to memory corruption.
network
low complexity
apache debian fedoraproject apple CWE-416
7.5
2019-02-05 CVE-2018-11803 Access of Uninitialized Pointer vulnerability in multiple products
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
network
low complexity
apache canonical CWE-824
7.5
2016-04-14 CVE-2015-5343 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.
network
low complexity
apache debian CWE-119
8.0
2015-04-08 CVE-2015-0202 Resource Management Errors vulnerability in multiple products
The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
network
low complexity
apache opensuse CWE-399
7.8
2013-07-31 CVE-2013-2112 Remote Denial of Service vulnerability in Apache Subversion
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
network
low complexity
apache collabnet canonical opensuse
7.8
2013-07-31 CVE-2013-2088 Improper Input Validation vulnerability in multiple products
contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.
network
high complexity
apache collabnet opensuse CWE-20
7.1