Total vulnerabilities in the database
The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command.
| Software | From | Fixed in |
|---|---|---|
| apache / subversion | 1.8.2 | 1.8.2.x |
| apache / subversion | 1.8.0 | 1.8.0.x |
| apache / subversion | 1.8.1 | 1.8.1.x |
| apache / subversion | 1.8.5 | 1.8.5.x |
| apache / subversion | 1.8.4 | 1.8.4.x |
| apache / subversion | 1.8.3 | 1.8.3.x |
| apache / subversion | 1.7.3 | 1.7.3.x |
| apache / subversion | 1.7.1 | 1.7.1.x |
| apache / subversion | 1.7.11 | 1.7.11.x |
| apache / subversion | 1.7.4 | 1.7.4.x |
| apache / subversion | 1.7.6 | 1.7.6.x |
| apache / subversion | 1.7.9 | 1.7.9.x |
| apache / subversion | 1.7.12 | 1.7.12.x |
| apache / subversion | 1.7.10 | 1.7.10.x |
| apache / subversion | 1.7.7 | 1.7.7.x |
| apache / subversion | - | 1.7.14.x |
| apache / subversion | 1.7.2 | 1.7.2.x |
| apache / subversion | 1.7.13 | 1.7.13.x |
| apache / subversion | 1.7.8 | 1.7.8.x |
| apache / subversion | 1.7.5 | 1.7.5.x |
| apache / subversion | 1.7.0 | 1.7.0.x |