Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 51 results


CVE-2024-45720

Medium priority
Not affected

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables (e.g., svn.exe, etc.) may lead to unexpected command line argument interpretation, including argument injection...

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-24070

Medium priority
Fixed

Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers...

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Fixed Fixed Not affected Not affected
Show less packages

CVE-2021-28544

Medium priority
Fixed

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a...

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Fixed Fixed Not affected Not affected
Show less packages

CVE-2020-17525

Medium priority

Some fixes available 3 of 4

Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to...

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Not affected Fixed Fixed Fixed
Show less packages

CVE-2019-0203

Medium priority

Some fixes available 2 of 3

In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Not affected Not affected Fixed Fixed
Show less packages

CVE-2018-11782

Medium priority

Some fixes available 2 of 3

In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Not affected Not affected Fixed Fixed
Show less packages

CVE-2018-11803

Medium priority

Some fixes available 1 of 5

Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-9800

Medium priority
Fixed

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server,...

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Fixed
Show less packages

CVE-2016-8734

Low priority

Some fixes available 2 of 4

Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted...

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Not affected Not affected Fixed
Show less packages

CVE-2016-2168

Medium priority

Some fixes available 2 of 4

The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and...

1 affected packages

subversion

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
subversion Fixed
Show less packages