CVE-2015-3187
12.08.2015, 14:59
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| apache | subversion | 𝑥 ≤ 1.7.20 |
| apache | subversion | 1.8.1 |
| apache | subversion | 1.8.2 |
| apache | subversion | 1.8.3 |
| apache | subversion | 1.8.4 |
| apache | subversion | 1.8.5 |
| apache | subversion | 1.8.6 |
| apache | subversion | 1.8.7 |
| apache | subversion | 1.8.8 |
| apache | subversion | 1.8.9 |
| apache | subversion | 1.8.10 |
| apache | subversion | 1.8.11 |
| apache | subversion | 1.8.13 |
| apple | xcode | 𝑥 ≤ 7.2.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| subversion |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| subversion-bash-completion |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| subversion-devel |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| subversion-perl |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| subversion-python |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| subversion-tools |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||
|---|---|---|---|---|---|
| mod |
| ||||
| subversion |
| ||||
| subversion-devel |
| ||||
| subversion-gnome |
| ||||
| subversion-javahl |
| ||||
| subversion-kde |
| ||||
| subversion-libs |
| ||||
| subversion-perl |
| ||||
| subversion-python |
| ||||
| subversion-ruby |
| ||||
| subversion-svn2cl |
| ||||
| subversion-tools |
|
Common Weakness Enumeration
References