Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2004-0749

The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.

  • Published: Dec 23, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-0749
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
subversion / subversion 1.0.4 1.0.4.x
subversion / subversion 1.0.5 1.0.5.x
subversion / subversion 1.1.0_rc3 1.1.0_rc3.x
subversion / subversion 1.0.2 1.0.2.x
subversion / subversion 1.0.7 1.0.7.x
subversion / subversion 1.1.0_rc2 1.1.0_rc2.x
subversion / subversion 1.0.1 1.0.1.x
subversion / subversion 1.0 1.0.x
subversion / subversion 1.0.6 1.0.6.x
subversion / subversion 1.1.0_rc1 1.1.0_rc1.x
subversion / subversion 1.0.3 1.0.3.x
gentoo / linux 1.4-rc1 1.4-rc1.x
gentoo / linux 1.4-rc3 1.4-rc3.x
gentoo / linux 0.5 0.5.x
gentoo / linux 1.1a 1.1a.x
gentoo / linux 1.4 1.4.x
gentoo / linux 0.7 0.7.x
gentoo / linux 1.2 1.2.x
gentoo / linux 1.4-rc2 1.4-rc2.x