VulnerableCode Package Details - pkg:ebuild/dev-vcs/subversion@1.7.13

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6k4a-5tuh-qbgf	The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.	CVE-2013-2112
VCID-6yyq-w9bz-9yed	contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.	CVE-2013-2088
VCID-775h-cjq3-1bce	The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.	CVE-2013-1845
VCID-7sq7-gjgr-xqfs	The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.	CVE-2011-1752
VCID-86ac-9dts-33gh	The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.	CVE-2013-1849
VCID-9dbe-qvky-5ygd	The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.	CVE-2013-1846
VCID-bu2k-qj7m-xkfd	Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.	CVE-2010-4644
VCID-e6ar-678j-xkac	The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.	CVE-2010-4539
VCID-eehh-xh98-57bd	The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.	CVE-2013-1884
VCID-euta-9afu-dkbu	The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.	CVE-2011-0715
VCID-fg3n-7rg5-rbh7	Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.	CVE-2013-1968
VCID-gyj1-f8yq-33dg	The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.	CVE-2013-4131
VCID-jx2d-xe8c-puex	The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.	CVE-2013-1847
VCID-mdj4-znus-3uex	The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.	CVE-2011-1783
VCID-uawf-gsk4-p3ba	Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.	CVE-2013-4277
VCID-zqz3-19qj-suh8	The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.	CVE-2011-1921

Vulnerability

Summary

Aliases

VCID-6k4a-5tuh-qbgf

The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.

CVE-2013-2112

VCID-6yyq-w9bz-9yed

contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.

CVE-2013-2088

VCID-775h-cjq3-1bce

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.

CVE-2013-1845

VCID-7sq7-gjgr-xqfs

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.

CVE-2011-1752

VCID-86ac-9dts-33gh

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.

CVE-2013-1849

VCID-9dbe-qvky-5ygd

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.

CVE-2013-1846

VCID-bu2k-qj7m-xkfd

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.

CVE-2010-4644

VCID-e6ar-678j-xkac

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.

CVE-2010-4539

VCID-eehh-xh98-57bd

The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.

CVE-2013-1884

VCID-euta-9afu-dkbu

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.

CVE-2011-0715

VCID-fg3n-7rg5-rbh7

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.

CVE-2013-1968

VCID-gyj1-f8yq-33dg

The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.

CVE-2013-4131

VCID-jx2d-xe8c-puex

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.

CVE-2013-1847

VCID-mdj4-znus-3uex

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.

CVE-2011-1783

VCID-uawf-gsk4-p3ba

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.

CVE-2013-4277

VCID-zqz3-19qj-suh8

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.

CVE-2011-1921

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T19:11:32.617485+00:00	Gentoo Importer	Fixing	VCID-uawf-gsk4-p3ba	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.598394+00:00	Gentoo Importer	Fixing	VCID-gyj1-f8yq-33dg	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.580638+00:00	Gentoo Importer	Fixing	VCID-6k4a-5tuh-qbgf	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.565260+00:00	Gentoo Importer	Fixing	VCID-6yyq-w9bz-9yed	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.540676+00:00	Gentoo Importer	Fixing	VCID-fg3n-7rg5-rbh7	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.523510+00:00	Gentoo Importer	Fixing	VCID-eehh-xh98-57bd	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.502149+00:00	Gentoo Importer	Fixing	VCID-86ac-9dts-33gh	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.484820+00:00	Gentoo Importer	Fixing	VCID-jx2d-xe8c-puex	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.467032+00:00	Gentoo Importer	Fixing	VCID-9dbe-qvky-5ygd	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.448872+00:00	Gentoo Importer	Fixing	VCID-775h-cjq3-1bce	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.431324+00:00	Gentoo Importer	Fixing	VCID-zqz3-19qj-suh8	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.414488+00:00	Gentoo Importer	Fixing	VCID-mdj4-znus-3uex	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.396562+00:00	Gentoo Importer	Fixing	VCID-7sq7-gjgr-xqfs	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.377988+00:00	Gentoo Importer	Fixing	VCID-euta-9afu-dkbu	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.359421+00:00	Gentoo Importer	Fixing	VCID-bu2k-qj7m-xkfd	https://security.gentoo.org/glsa/201309-11	38.6.0
2026-06-04T19:11:32.340964+00:00	Gentoo Importer	Fixing	VCID-e6ar-678j-xkac	https://security.gentoo.org/glsa/201309-11	38.6.0