Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-3522 (GCVE-0-2014-3522)
Vulnerability from cvelistv5
Published
2014-08-19 18:00
Modified
2024-08-06 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:50:16.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59432"
},
{
"name": "USN-2316-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2316-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT204427"
},
{
"name": "109996",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/109996"
},
{
"name": "APPLE-SA-2015-03-09-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "apache-subversion-cve20143522-spoofing(95311)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"name": "60100",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60100"
},
{
"name": "60722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60722"
},
{
"name": "69237",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69237"
},
{
"name": "openSUSE-SU-2014:1059",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"name": "GLSA-201610-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"name": "59584",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59584"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "apache-subversion-cve20143528-info-disc(95090)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "59432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59432"
},
{
"name": "USN-2316-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2316-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT204427"
},
{
"name": "109996",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/109996"
},
{
"name": "APPLE-SA-2015-03-09-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "apache-subversion-cve20143522-spoofing(95311)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"name": "60100",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60100"
},
{
"name": "60722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60722"
},
{
"name": "69237",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69237"
},
{
"name": "openSUSE-SU-2014:1059",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"name": "GLSA-201610-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"name": "59584",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59584"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "apache-subversion-cve20143528-info-disc(95090)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59432"
},
{
"name": "USN-2316-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2316-1"
},
{
"name": "https://support.apple.com/HT204427",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204427"
},
{
"name": "109996",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109996"
},
{
"name": "APPLE-SA-2015-03-09-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "apache-subversion-cve20143522-spoofing(95311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"name": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt",
"refsource": "CONFIRM",
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"name": "60100",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60100"
},
{
"name": "60722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60722"
},
{
"name": "69237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69237"
},
{
"name": "openSUSE-SU-2014:1059",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"name": "GLSA-201610-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"name": "59584",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59584"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "apache-subversion-cve20143528-info-disc(95090)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3522",
"datePublished": "2014-08-19T18:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:50:16.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-3522\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-08-19T18:55:02.640\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.\"},{\"lang\":\"es\",\"value\":\"La capa Serf RA en Apache Subversion 1.4.0 hasta 1.7.x anterior a 1.7.18 y 1.8.x anterior a 1.8.10 no maneja debidamente los comodines (wildcards) en el campo Common Name (CN) o subjectAltName de un certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores a trav\u00e9s de un certificado manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-297\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13109084-931E-4565-BEE5-794B83E6978D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"726B9C10-ACD5-41C2-A552-FD0046A75966\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87D72A75-EDB9-4AD1-B6FC-8A918804DE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B55A7A26-C994-4956-BBE7-BF3A51971295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB9E26AB-915A-477F-BA5C-10965A7098F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD49A9B-16A7-4362-8D62-6EB5ECBE4296\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B0CB798-F4ED-44E5-9B15-B7009EAC6303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67130DAF-AE81-43D2-A208-58A53746A7E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB9F8426-38CB-46B4-B0D0-8D16B48DD53F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90631FFA-9AB2-483D-B162-31A47428D280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BD5A981-3FDD-4E74-8EB2-5F324246FFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"341F900B-5179-4CB4-9F41-91B58B29C414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F34F463-6350-4F48-B037-856DDBB1A4FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2C813BA-B8F9-446B-A07F-B51F26815578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DF4080D-0D95-429E-88AA-1051A5520C01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF50F098-A055-4B79-AC35-6BD6F32D70F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"540461D4-87F4-42AB-ADDC-C7A067FE2893\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E676744-C623-4894-8764-43588E56D2FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"669735D1-1C14-4CD7-AA7C-AD2CA63A1979\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4C568FD-54BC-4506-AF60-BFE7CE14D0F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5F71F24-D909-49D9-8B4F-FA757FDF1C25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"034D1C36-B73E-443E-A6B4-44CC6E7BC043\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D373245-8384-45E4-BE2E-E0518BD7F84F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EED44413-D313-4588-9A4B-25F79D0925A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C193EB08-BBC2-43A2-B11A-9C7E2098862D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"022A5BCE-A1DC-48E2-829D-AD9261562095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"155F83A1-A04A-48C0-A801-B38F129F310F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"302DC06D-5FB1-4EF9-B5E1-6407B88D65FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A15D05-29BA-4CCC-9348-A516E1E2C079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2004B474-9869-445D-957D-20EF254FB461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F91A5E0-0DD8-47DD-B52E-A15E8064945F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C34BE8D-6DFF-4E57-971C-8CCEF13E6500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3194C6CE-3E8A-4861-AED1-942824974AE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D102460-B5D5-46C4-8021-7C3510A5FCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92265E60-7BBF-4E8E-A438-4132D8FD57BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"346DE008-472F-47E1-8B96-F968C7D0A003\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C9BDB22-29E0-48A3-8765-FAC6A3442A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63AB9E5-FD99-40A8-B24F-623BDDBCA427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0B873C1-E7D6-4E55-A5A7-85000B686071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87D2E8DD-4225-476A-AF17-7621C9A28391\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D913E2-0FBD-4F6C-8A21-43A0681237BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B869CEB-7637-48C3-8A4C-171CFB766B97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75CF5BC1-7071-48A3-86A9-C843485CAED5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"200DB058-C9F0-4983-AF99-EBB8FC2E7875\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57697AAD-5264-4C05-89E4-0228DEF2E9DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24295270-DCBF-4FF3-88F7-E9A30B6388E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22E754F2-5D3D-437E-BB15-693D2EB58DA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF4232D2-1F70-4A06-BD11-A0DFE6CE0744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC0E7811-3B60-46E7-943C-E0E7ED00FB01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A57A3347-6C48-4803-AB4E-A4BC0E6BFA41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D26799-D038-470A-A468-58DBDB64A7E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3769BD6-B104-4F74-B8C4-89398A8894FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9757DD5E-42A6-44B8-9692-49690F60C8D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7B5A014-D4EE-4244-AABA-0873492F7295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD9F8C2A-A94E-4D99-839B-47AAE8754191\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69D29A9E-DB23-4D86-B4A3-3C4F663416AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D86AEE89-9F8E-43A5-A888-F421B10DB2C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D335628F-EC07-43BE-9B29-3365A6F64D71\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*\",\"matchCriteriaId\":\"F5D324C4-97C7-49D3-A809-9EAD4B690C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81EE9433-C21F-4902-B37E-CF4FC1132B72\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59432\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/59584\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/60100\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/60722\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/109996\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/69237\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2316-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95090\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95311\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201610-05\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://subversion.apache.org/security/CVE-2014-3522-advisory.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT204427\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60100\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60722\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/109996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/69237\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2316-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95090\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95311\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201610-05\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://subversion.apache.org/security/CVE-2014-3522-advisory.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT204427\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/297.html\\\" target=\\\"_blank\\\"\u003eCWE-297: Improper Validation of Certificate with Host Mismatch\u003c/a\u003e\"}}"
}
}
gsd-2014-3522
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-3522",
"description": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.",
"id": "GSD-2014-3522",
"references": [
"https://www.suse.com/security/cve/CVE-2014-3522.html",
"https://ubuntu.com/security/CVE-2014-3522",
"https://advisories.mageia.org/CVE-2014-3522.html",
"https://alas.aws.amazon.com/cve/html/CVE-2014-3522.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-3522"
],
"details": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.",
"id": "GSD-2014-3522",
"modified": "2023-12-13T01:22:53.143341Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59432"
},
{
"name": "USN-2316-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2316-1"
},
{
"name": "https://support.apple.com/HT204427",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204427"
},
{
"name": "109996",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109996"
},
{
"name": "APPLE-SA-2015-03-09-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "apache-subversion-cve20143522-spoofing(95311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"name": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt",
"refsource": "CONFIRM",
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"name": "60100",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60100"
},
{
"name": "60722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60722"
},
{
"name": "69237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69237"
},
{
"name": "openSUSE-SU-2014:1059",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"name": "GLSA-201610-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"name": "59584",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59584"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "apache-subversion-cve20143528-info-disc(95090)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3522"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-297"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2316-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2316-1"
},
{
"name": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"name": "69237",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/69237"
},
{
"name": "60100",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/60100"
},
{
"name": "60722",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/60722"
},
{
"name": "openSUSE-SU-2014:1059",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"name": "APPLE-SA-2015-03-09-4",
"refsource": "APPLE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "https://support.apple.com/HT204427",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204427"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "109996",
"refsource": "OSVDB",
"tags": [],
"url": "http://www.osvdb.org/109996"
},
{
"name": "59584",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/59584"
},
{
"name": "59432",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/59432"
},
{
"name": "GLSA-201610-05",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"name": "apache-subversion-cve20143522-spoofing(95311)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"name": "apache-subversion-cve20143528-info-disc(95090)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-30T16:27Z",
"publishedDate": "2014-08-19T18:55Z"
}
}
}
CERTFR-2015-AVI-092
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OS X Mavericks",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple TV",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Moutain Lion",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Yosemite",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS 8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-8108",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8108"
},
{
"name": "CVE-2015-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1064"
},
{
"name": "CVE-2014-3580",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3580"
},
{
"name": "CVE-2015-1066",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1066"
},
{
"name": "CVE-2015-1062",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1062"
},
{
"name": "CVE-2015-1063",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1063"
},
{
"name": "CVE-2014-3522",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3522"
},
{
"name": "CVE-2014-3528",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3528"
},
{
"name": "CVE-2014-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9390"
},
{
"name": "CVE-2015-1067",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1067"
},
{
"name": "CVE-2015-1065",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1065"
},
{
"name": "CVE-2014-4496",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4496"
},
{
"name": "CVE-2015-1061",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1061"
}
],
"initial_release_date": "2015-03-10T00:00:00",
"last_revision_date": "2015-03-10T00:00:00",
"links": [],
"reference": "CERTFR-2015-AVI-092",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT204426 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204426"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT204427 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204427"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple 2015-002 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204413"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT204423 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204423"
}
]
}
opensuse-su-2024:10538-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media
Notes
Title of the patch
libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media
Description of the patch
These are all security issues fixed in the libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10538
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10538",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10538-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2411 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3315 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-4539 page",
"url": "https://www.suse.com/security/cve/CVE-2010-4539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-4644 page",
"url": "https://www.suse.com/security/cve/CVE-2010-4644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0715 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1752 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1783 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1921 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1845 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1846 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1847 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1849 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1884 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1968 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2088 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2112 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4131 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4246 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4262 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4262/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4277 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4505 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4558 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0032 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3522 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3528 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3580 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8108 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0202 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0248 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0251 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3184 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3187 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5259 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5343 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2167 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2168 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8734 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8734/"
}
],
"title": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10538-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"product": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"product_id": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"product": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"product_id": "libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-1.9.5-1.1.aarch64",
"product_id": "subversion-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-bash-completion-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-bash-completion-1.9.5-1.1.aarch64",
"product_id": "subversion-bash-completion-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-devel-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-devel-1.9.5-1.1.aarch64",
"product_id": "subversion-devel-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-perl-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-perl-1.9.5-1.1.aarch64",
"product_id": "subversion-perl-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-python-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-python-1.9.5-1.1.aarch64",
"product_id": "subversion-python-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-python-ctypes-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-python-ctypes-1.9.5-1.1.aarch64",
"product_id": "subversion-python-ctypes-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-ruby-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-ruby-1.9.5-1.1.aarch64",
"product_id": "subversion-ruby-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-server-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-server-1.9.5-1.1.aarch64",
"product_id": "subversion-server-1.9.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "subversion-tools-1.9.5-1.1.aarch64",
"product": {
"name": "subversion-tools-1.9.5-1.1.aarch64",
"product_id": "subversion-tools-1.9.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"product": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"product_id": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"product": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"product_id": "libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-1.9.5-1.1.ppc64le",
"product_id": "subversion-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-bash-completion-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-bash-completion-1.9.5-1.1.ppc64le",
"product_id": "subversion-bash-completion-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-devel-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-devel-1.9.5-1.1.ppc64le",
"product_id": "subversion-devel-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-perl-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-perl-1.9.5-1.1.ppc64le",
"product_id": "subversion-perl-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-python-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-python-1.9.5-1.1.ppc64le",
"product_id": "subversion-python-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-python-ctypes-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-python-ctypes-1.9.5-1.1.ppc64le",
"product_id": "subversion-python-ctypes-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-ruby-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-ruby-1.9.5-1.1.ppc64le",
"product_id": "subversion-ruby-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-server-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-server-1.9.5-1.1.ppc64le",
"product_id": "subversion-server-1.9.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "subversion-tools-1.9.5-1.1.ppc64le",
"product": {
"name": "subversion-tools-1.9.5-1.1.ppc64le",
"product_id": "subversion-tools-1.9.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"product": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"product_id": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"product": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"product_id": "libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-1.9.5-1.1.s390x",
"product": {
"name": "subversion-1.9.5-1.1.s390x",
"product_id": "subversion-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-bash-completion-1.9.5-1.1.s390x",
"product": {
"name": "subversion-bash-completion-1.9.5-1.1.s390x",
"product_id": "subversion-bash-completion-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-devel-1.9.5-1.1.s390x",
"product": {
"name": "subversion-devel-1.9.5-1.1.s390x",
"product_id": "subversion-devel-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-perl-1.9.5-1.1.s390x",
"product": {
"name": "subversion-perl-1.9.5-1.1.s390x",
"product_id": "subversion-perl-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-python-1.9.5-1.1.s390x",
"product": {
"name": "subversion-python-1.9.5-1.1.s390x",
"product_id": "subversion-python-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-python-ctypes-1.9.5-1.1.s390x",
"product": {
"name": "subversion-python-ctypes-1.9.5-1.1.s390x",
"product_id": "subversion-python-ctypes-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-ruby-1.9.5-1.1.s390x",
"product": {
"name": "subversion-ruby-1.9.5-1.1.s390x",
"product_id": "subversion-ruby-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-server-1.9.5-1.1.s390x",
"product": {
"name": "subversion-server-1.9.5-1.1.s390x",
"product_id": "subversion-server-1.9.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "subversion-tools-1.9.5-1.1.s390x",
"product": {
"name": "subversion-tools-1.9.5-1.1.s390x",
"product_id": "subversion-tools-1.9.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"product": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"product_id": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"product": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"product_id": "libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-1.9.5-1.1.x86_64",
"product_id": "subversion-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-bash-completion-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-bash-completion-1.9.5-1.1.x86_64",
"product_id": "subversion-bash-completion-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-devel-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-devel-1.9.5-1.1.x86_64",
"product_id": "subversion-devel-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-perl-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-perl-1.9.5-1.1.x86_64",
"product_id": "subversion-perl-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-python-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-python-1.9.5-1.1.x86_64",
"product_id": "subversion-python-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-python-ctypes-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-python-ctypes-1.9.5-1.1.x86_64",
"product_id": "subversion-python-ctypes-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-ruby-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-ruby-1.9.5-1.1.x86_64",
"product_id": "subversion-ruby-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-server-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-server-1.9.5-1.1.x86_64",
"product_id": "subversion-server-1.9.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "subversion-tools-1.9.5-1.1.x86_64",
"product": {
"name": "subversion-tools-1.9.5-1.1.x86_64",
"product_id": "subversion-tools-1.9.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64"
},
"product_reference": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le"
},
"product_reference": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x"
},
"product_reference": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64"
},
"product_reference": "libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64"
},
"product_reference": "libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le"
},
"product_reference": "libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x"
},
"product_reference": "libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64"
},
"product_reference": "libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x"
},
"product_reference": "subversion-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-bash-completion-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-bash-completion-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-bash-completion-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-bash-completion-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-bash-completion-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x"
},
"product_reference": "subversion-bash-completion-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-bash-completion-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-bash-completion-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-devel-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-devel-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-devel-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-devel-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-devel-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x"
},
"product_reference": "subversion-devel-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-devel-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-devel-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-perl-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-perl-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-perl-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-perl-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-perl-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x"
},
"product_reference": "subversion-perl-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-perl-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-perl-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-python-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-python-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x"
},
"product_reference": "subversion-python-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-python-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-ctypes-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-python-ctypes-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-ctypes-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-python-ctypes-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-ctypes-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x"
},
"product_reference": "subversion-python-ctypes-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-python-ctypes-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-python-ctypes-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-ruby-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-ruby-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-ruby-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-ruby-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-ruby-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x"
},
"product_reference": "subversion-ruby-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-ruby-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-ruby-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-server-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-server-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-server-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-server-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-server-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x"
},
"product_reference": "subversion-server-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-server-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-server-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-tools-1.9.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64"
},
"product_reference": "subversion-tools-1.9.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-tools-1.9.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le"
},
"product_reference": "subversion-tools-1.9.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-tools-1.9.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x"
},
"product_reference": "subversion-tools-1.9.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subversion-tools-1.9.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
},
"product_reference": "subversion-tools-1.9.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2411"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2411",
"url": "https://www.suse.com/security/cve/CVE-2009-2411"
},
{
"category": "external",
"summary": "SUSE Bug 528714 for CVE-2009-2411",
"url": "https://bugzilla.suse.com/528714"
},
{
"category": "external",
"summary": "SUSE Bug 802057 for CVE-2009-2411",
"url": "https://bugzilla.suse.com/802057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-2411"
},
{
"cve": "CVE-2010-3315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3315"
}
],
"notes": [
{
"category": "general",
"text": "authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3315",
"url": "https://www.suse.com/security/cve/CVE-2010-3315"
},
{
"category": "external",
"summary": "SUSE Bug 649861 for CVE-2010-3315",
"url": "https://bugzilla.suse.com/649861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3315"
},
{
"cve": "CVE-2010-4539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-4539"
}
],
"notes": [
{
"category": "general",
"text": "The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-4539",
"url": "https://www.suse.com/security/cve/CVE-2010-4539"
},
{
"category": "external",
"summary": "SUSE Bug 662030 for CVE-2010-4539",
"url": "https://bugzilla.suse.com/662030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-4539"
},
{
"cve": "CVE-2010-4644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-4644"
}
],
"notes": [
{
"category": "general",
"text": "Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-4644",
"url": "https://www.suse.com/security/cve/CVE-2010-4644"
},
{
"category": "external",
"summary": "SUSE Bug 662030 for CVE-2010-4644",
"url": "https://bugzilla.suse.com/662030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2010-4644"
},
{
"cve": "CVE-2011-0715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0715"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0715",
"url": "https://www.suse.com/security/cve/CVE-2011-0715"
},
{
"category": "external",
"summary": "SUSE Bug 676949 for CVE-2011-0715",
"url": "https://bugzilla.suse.com/676949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-0715"
},
{
"cve": "CVE-2011-1752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1752"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1752",
"url": "https://www.suse.com/security/cve/CVE-2011-1752"
},
{
"category": "external",
"summary": "SUSE Bug 698205 for CVE-2011-1752",
"url": "https://bugzilla.suse.com/698205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-1752"
},
{
"cve": "CVE-2011-1783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1783"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1783",
"url": "https://www.suse.com/security/cve/CVE-2011-1783"
},
{
"category": "external",
"summary": "SUSE Bug 698205 for CVE-2011-1783",
"url": "https://bugzilla.suse.com/698205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-1783"
},
{
"cve": "CVE-2011-1921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1921"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1921",
"url": "https://www.suse.com/security/cve/CVE-2011-1921"
},
{
"category": "external",
"summary": "SUSE Bug 698205 for CVE-2011-1921",
"url": "https://bugzilla.suse.com/698205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-1921"
},
{
"cve": "CVE-2013-1845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1845"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1845",
"url": "https://www.suse.com/security/cve/CVE-2013-1845"
},
{
"category": "external",
"summary": "SUSE Bug 813913 for CVE-2013-1845",
"url": "https://bugzilla.suse.com/813913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2013-1845"
},
{
"cve": "CVE-2013-1846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1846"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1846",
"url": "https://www.suse.com/security/cve/CVE-2013-1846"
},
{
"category": "external",
"summary": "SUSE Bug 813913 for CVE-2013-1846",
"url": "https://bugzilla.suse.com/813913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2013-1846"
},
{
"cve": "CVE-2013-1847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1847"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1847",
"url": "https://www.suse.com/security/cve/CVE-2013-1847"
},
{
"category": "external",
"summary": "SUSE Bug 813913 for CVE-2013-1847",
"url": "https://bugzilla.suse.com/813913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1847"
},
{
"cve": "CVE-2013-1849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1849"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1849",
"url": "https://www.suse.com/security/cve/CVE-2013-1849"
},
{
"category": "external",
"summary": "SUSE Bug 813913 for CVE-2013-1849",
"url": "https://bugzilla.suse.com/813913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1849"
},
{
"cve": "CVE-2013-1884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1884"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1884",
"url": "https://www.suse.com/security/cve/CVE-2013-1884"
},
{
"category": "external",
"summary": "SUSE Bug 813913 for CVE-2013-1884",
"url": "https://bugzilla.suse.com/813913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1884"
},
{
"cve": "CVE-2013-1968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1968"
}
],
"notes": [
{
"category": "general",
"text": "Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1968",
"url": "https://www.suse.com/security/cve/CVE-2013-1968"
},
{
"category": "external",
"summary": "SUSE Bug 821505 for CVE-2013-1968",
"url": "https://bugzilla.suse.com/821505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1968"
},
{
"cve": "CVE-2013-2088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2088"
}
],
"notes": [
{
"category": "general",
"text": "contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2088",
"url": "https://www.suse.com/security/cve/CVE-2013-2088"
},
{
"category": "external",
"summary": "SUSE Bug 821505 for CVE-2013-2088",
"url": "https://bugzilla.suse.com/821505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-2088"
},
{
"cve": "CVE-2013-2112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2112"
}
],
"notes": [
{
"category": "general",
"text": "The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2112",
"url": "https://www.suse.com/security/cve/CVE-2013-2112"
},
{
"category": "external",
"summary": "SUSE Bug 821505 for CVE-2013-2112",
"url": "https://bugzilla.suse.com/821505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-2112"
},
{
"cve": "CVE-2013-4131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4131"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4131",
"url": "https://www.suse.com/security/cve/CVE-2013-4131"
},
{
"category": "external",
"summary": "SUSE Bug 830031 for CVE-2013-4131",
"url": "https://bugzilla.suse.com/830031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2013-4131"
},
{
"cve": "CVE-2013-4246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4246"
}
],
"notes": [
{
"category": "general",
"text": "libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4246",
"url": "https://www.suse.com/security/cve/CVE-2013-4246"
},
{
"category": "external",
"summary": "SUSE Bug 836245 for CVE-2013-4246",
"url": "https://bugzilla.suse.com/836245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-4246"
},
{
"cve": "CVE-2013-4262",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4262"
}
],
"notes": [
{
"category": "general",
"text": "svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py issue is covered by CVE-2013-7393.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4262",
"url": "https://www.suse.com/security/cve/CVE-2013-4262"
},
{
"category": "external",
"summary": "SUSE Bug 844201 for CVE-2013-4262",
"url": "https://bugzilla.suse.com/844201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2013-4262"
},
{
"cve": "CVE-2013-4277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4277"
}
],
"notes": [
{
"category": "general",
"text": "Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4277",
"url": "https://www.suse.com/security/cve/CVE-2013-4277"
},
{
"category": "external",
"summary": "SUSE Bug 836245 for CVE-2013-4277",
"url": "https://bugzilla.suse.com/836245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-4277"
},
{
"cve": "CVE-2013-4505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4505"
}
],
"notes": [
{
"category": "general",
"text": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4505",
"url": "https://www.suse.com/security/cve/CVE-2013-4505"
},
{
"category": "external",
"summary": "SUSE Bug 850667 for CVE-2013-4505",
"url": "https://bugzilla.suse.com/850667"
},
{
"category": "external",
"summary": "SUSE Bug 850747 for CVE-2013-4505",
"url": "https://bugzilla.suse.com/850747"
},
{
"category": "external",
"summary": "SUSE Bug 862459 for CVE-2013-4505",
"url": "https://bugzilla.suse.com/862459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2013-4505"
},
{
"cve": "CVE-2013-4558",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4558"
}
],
"notes": [
{
"category": "general",
"text": "The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service (assertion failure and Apache process abort) via a non-canonical URL in a request, as demonstrated using a trailing /.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4558",
"url": "https://www.suse.com/security/cve/CVE-2013-4558"
},
{
"category": "external",
"summary": "SUSE Bug 850667 for CVE-2013-4558",
"url": "https://bugzilla.suse.com/850667"
},
{
"category": "external",
"summary": "SUSE Bug 850747 for CVE-2013-4558",
"url": "https://bugzilla.suse.com/850747"
},
{
"category": "external",
"summary": "SUSE Bug 862459 for CVE-2013-4558",
"url": "https://bugzilla.suse.com/862459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2013-4558"
},
{
"cve": "CVE-2014-0032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0032"
}
],
"notes": [
{
"category": "general",
"text": "The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the \"svn ls http://svn.example.com\" command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0032",
"url": "https://www.suse.com/security/cve/CVE-2014-0032"
},
{
"category": "external",
"summary": "SUSE Bug 862459 for CVE-2014-0032",
"url": "https://bugzilla.suse.com/862459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0032"
},
{
"cve": "CVE-2014-3522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3522"
}
],
"notes": [
{
"category": "general",
"text": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3522",
"url": "https://www.suse.com/security/cve/CVE-2014-3522"
},
{
"category": "external",
"summary": "SUSE Bug 890511 for CVE-2014-3522",
"url": "https://bugzilla.suse.com/890511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2014-3522"
},
{
"cve": "CVE-2014-3528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3528"
}
],
"notes": [
{
"category": "general",
"text": "Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3528",
"url": "https://www.suse.com/security/cve/CVE-2014-3528"
},
{
"category": "external",
"summary": "SUSE Bug 889849 for CVE-2014-3528",
"url": "https://bugzilla.suse.com/889849"
},
{
"category": "external",
"summary": "SUSE Bug 890511 for CVE-2014-3528",
"url": "https://bugzilla.suse.com/890511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2014-3528"
},
{
"cve": "CVE-2014-3580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3580"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3580",
"url": "https://www.suse.com/security/cve/CVE-2014-3580"
},
{
"category": "external",
"summary": "SUSE Bug 909935 for CVE-2014-3580",
"url": "https://bugzilla.suse.com/909935"
},
{
"category": "external",
"summary": "SUSE Bug 910376 for CVE-2014-3580",
"url": "https://bugzilla.suse.com/910376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3580"
},
{
"cve": "CVE-2014-8108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8108"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8108",
"url": "https://www.suse.com/security/cve/CVE-2014-8108"
},
{
"category": "external",
"summary": "SUSE Bug 909935 for CVE-2014-8108",
"url": "https://bugzilla.suse.com/909935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-8108"
},
{
"cve": "CVE-2015-0202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0202"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0202",
"url": "https://www.suse.com/security/cve/CVE-2015-0202"
},
{
"category": "external",
"summary": "SUSE Bug 923793 for CVE-2015-0202",
"url": "https://bugzilla.suse.com/923793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0202"
},
{
"cve": "CVE-2015-0248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0248"
}
],
"notes": [
{
"category": "general",
"text": "The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0248",
"url": "https://www.suse.com/security/cve/CVE-2015-0248"
},
{
"category": "external",
"summary": "SUSE Bug 923794 for CVE-2015-0248",
"url": "https://bugzilla.suse.com/923794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0248"
},
{
"cve": "CVE-2015-0251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0251"
}
],
"notes": [
{
"category": "general",
"text": "The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0251",
"url": "https://www.suse.com/security/cve/CVE-2015-0251"
},
{
"category": "external",
"summary": "SUSE Bug 923795 for CVE-2015-0251",
"url": "https://bugzilla.suse.com/923795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-0251"
},
{
"cve": "CVE-2015-3184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3184"
}
],
"notes": [
{
"category": "general",
"text": "mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3184",
"url": "https://www.suse.com/security/cve/CVE-2015-3184"
},
{
"category": "external",
"summary": "SUSE Bug 938723 for CVE-2015-3184",
"url": "https://bugzilla.suse.com/938723"
},
{
"category": "external",
"summary": "SUSE Bug 939514 for CVE-2015-3184",
"url": "https://bugzilla.suse.com/939514"
},
{
"category": "external",
"summary": "SUSE Bug 939516 for CVE-2015-3184",
"url": "https://bugzilla.suse.com/939516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-3184"
},
{
"cve": "CVE-2015-3187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3187"
}
],
"notes": [
{
"category": "general",
"text": "The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3187",
"url": "https://www.suse.com/security/cve/CVE-2015-3187"
},
{
"category": "external",
"summary": "SUSE Bug 939517 for CVE-2015-3187",
"url": "https://bugzilla.suse.com/939517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-3187"
},
{
"cve": "CVE-2015-5259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5259"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5259",
"url": "https://www.suse.com/security/cve/CVE-2015-5259"
},
{
"category": "external",
"summary": "SUSE Bug 958299 for CVE-2015-5259",
"url": "https://bugzilla.suse.com/958299"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-5259"
},
{
"cve": "CVE-2015-5343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5343"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5343",
"url": "https://www.suse.com/security/cve/CVE-2015-5343"
},
{
"category": "external",
"summary": "SUSE Bug 958300 for CVE-2015-5343",
"url": "https://bugzilla.suse.com/958300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-5343"
},
{
"cve": "CVE-2016-2167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2167"
}
],
"notes": [
{
"category": "general",
"text": "The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2167",
"url": "https://www.suse.com/security/cve/CVE-2016-2167"
},
{
"category": "external",
"summary": "SUSE Bug 976849 for CVE-2016-2167",
"url": "https://bugzilla.suse.com/976849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-2167"
},
{
"cve": "CVE-2016-2168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2168"
}
],
"notes": [
{
"category": "general",
"text": "The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2168",
"url": "https://www.suse.com/security/cve/CVE-2016-2168"
},
{
"category": "external",
"summary": "SUSE Bug 976850 for CVE-2016-2168",
"url": "https://bugzilla.suse.com/976850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2168"
},
{
"cve": "CVE-2016-8734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8734"
}
],
"notes": [
{
"category": "general",
"text": "Apache Subversion\u0027s mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8734",
"url": "https://www.suse.com/security/cve/CVE-2016-8734"
},
{
"category": "external",
"summary": "SUSE Bug 1011552 for CVE-2016-8734",
"url": "https://bugzilla.suse.com/1011552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_gnome_keyring-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:libsvn_auth_kwallet-1-0-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-bash-completion-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-devel-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-perl-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-python-ctypes-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-ruby-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-server-1.9.5-1.1.x86_64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.aarch64",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.ppc64le",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.s390x",
"openSUSE Tumbleweed:subversion-tools-1.9.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-8734"
}
]
}
ghsa-962w-gj84-vpr7
Vulnerability from github
Published
2022-05-14 02:09
Modified
2022-05-14 02:09
VLAI Severity ?
Details
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
{
"affected": [],
"aliases": [
"CVE-2014-3522"
],
"database_specific": {
"cwe_ids": [
"CWE-297"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-08-19T18:55:00Z",
"severity": "MODERATE"
},
"details": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.",
"id": "GHSA-962w-gj84-vpr7",
"modified": "2022-05-14T02:09:29Z",
"published": "2022-05-14T02:09:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3522"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"type": "WEB",
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT204427"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/59432"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/59584"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/60100"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/60722"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"type": "WEB",
"url": "http://www.osvdb.org/109996"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/69237"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2316-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2014-3522
Vulnerability from fkie_nvd
Published
2014-08-19 18:55
Modified
2025-04-12 10:46
Severity ?
Summary
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/59432 | ||
| secalert@redhat.com | http://secunia.com/advisories/59584 | ||
| secalert@redhat.com | http://secunia.com/advisories/60100 | ||
| secalert@redhat.com | http://secunia.com/advisories/60722 | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | ||
| secalert@redhat.com | http://www.osvdb.org/109996 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/69237 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2316-1 | Third Party Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/95090 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/95311 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201610-05 | ||
| secalert@redhat.com | https://subversion.apache.org/security/CVE-2014-3522-advisory.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | https://support.apple.com/HT204427 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59432 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59584 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60100 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60722 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/109996 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/69237 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2316-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/95090 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/95311 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201610-05 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://subversion.apache.org/security/CVE-2014-3522-advisory.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT204427 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | subversion | 1.4.0 | |
| apache | subversion | 1.4.1 | |
| apache | subversion | 1.4.2 | |
| apache | subversion | 1.4.3 | |
| apache | subversion | 1.4.4 | |
| apache | subversion | 1.4.5 | |
| apache | subversion | 1.4.6 | |
| apache | subversion | 1.5.0 | |
| apache | subversion | 1.5.1 | |
| apache | subversion | 1.5.2 | |
| apache | subversion | 1.5.3 | |
| apache | subversion | 1.5.4 | |
| apache | subversion | 1.5.5 | |
| apache | subversion | 1.5.6 | |
| apache | subversion | 1.5.7 | |
| apache | subversion | 1.5.8 | |
| apache | subversion | 1.6.0 | |
| apache | subversion | 1.6.1 | |
| apache | subversion | 1.6.2 | |
| apache | subversion | 1.6.3 | |
| apache | subversion | 1.6.4 | |
| apache | subversion | 1.6.5 | |
| apache | subversion | 1.6.6 | |
| apache | subversion | 1.6.7 | |
| apache | subversion | 1.6.8 | |
| apache | subversion | 1.6.9 | |
| apache | subversion | 1.6.10 | |
| apache | subversion | 1.6.11 | |
| apache | subversion | 1.6.12 | |
| apache | subversion | 1.6.13 | |
| apache | subversion | 1.6.14 | |
| apache | subversion | 1.6.15 | |
| apache | subversion | 1.6.16 | |
| apache | subversion | 1.6.17 | |
| apache | subversion | 1.6.18 | |
| apache | subversion | 1.6.19 | |
| apache | subversion | 1.6.20 | |
| apache | subversion | 1.6.21 | |
| apache | subversion | 1.6.23 | |
| apache | subversion | 1.7.0 | |
| apache | subversion | 1.7.1 | |
| apache | subversion | 1.7.2 | |
| apache | subversion | 1.7.3 | |
| apache | subversion | 1.7.4 | |
| apache | subversion | 1.7.5 | |
| apache | subversion | 1.7.6 | |
| apache | subversion | 1.7.7 | |
| apache | subversion | 1.7.8 | |
| apache | subversion | 1.7.9 | |
| apache | subversion | 1.7.10 | |
| apache | subversion | 1.7.11 | |
| apache | subversion | 1.7.12 | |
| apache | subversion | 1.7.13 | |
| apache | subversion | 1.7.14 | |
| apache | subversion | 1.7.15 | |
| apache | subversion | 1.7.16 | |
| apache | subversion | 1.7.17 | |
| apache | subversion | 1.8.0 | |
| apache | subversion | 1.8.1 | |
| apache | subversion | 1.8.2 | |
| apache | subversion | 1.8.3 | |
| apache | subversion | 1.8.4 | |
| apache | subversion | 1.8.5 | |
| apache | subversion | 1.8.6 | |
| apache | subversion | 1.8.7 | |
| apache | subversion | 1.8.8 | |
| apache | subversion | 1.8.9 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| apple | xcode | 6.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13109084-931E-4565-BEE5-794B83E6978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "726B9C10-ACD5-41C2-A552-FD0046A75966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87D72A75-EDB9-4AD1-B6FC-8A918804DE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B55A7A26-C994-4956-BBE7-BF3A51971295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9E26AB-915A-477F-BA5C-10965A7098F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD49A9B-16A7-4362-8D62-6EB5ECBE4296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0CB798-F4ED-44E5-9B15-B7009EAC6303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "67130DAF-AE81-43D2-A208-58A53746A7E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "90631FFA-9AB2-483D-B162-31A47428D280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "341F900B-5179-4CB4-9F41-91B58B29C414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F34F463-6350-4F48-B037-856DDBB1A4FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C813BA-B8F9-446B-A07F-B51F26815578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF4080D-0D95-429E-88AA-1051A5520C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF50F098-A055-4B79-AC35-6BD6F32D70F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "540461D4-87F4-42AB-ADDC-C7A067FE2893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E676744-C623-4894-8764-43588E56D2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "669735D1-1C14-4CD7-AA7C-AD2CA63A1979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F71F24-D909-49D9-8B4F-FA757FDF1C25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "034D1C36-B73E-443E-A6B4-44CC6E7BC043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D373245-8384-45E4-BE2E-E0518BD7F84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EED44413-D313-4588-9A4B-25F79D0925A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C193EB08-BBC2-43A2-B11A-9C7E2098862D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "022A5BCE-A1DC-48E2-829D-AD9261562095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "155F83A1-A04A-48C0-A801-B38F129F310F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "27A15D05-29BA-4CCC-9348-A516E1E2C079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "2004B474-9869-445D-957D-20EF254FB461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8F91A5E0-0DD8-47DD-B52E-A15E8064945F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "3194C6CE-3E8A-4861-AED1-942824974AE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D102460-B5D5-46C4-8021-7C3510A5FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92265E60-7BBF-4E8E-A438-4132D8FD57BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "346DE008-472F-47E1-8B96-F968C7D0A003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9BDB22-29E0-48A3-8765-FAC6A3442A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F63AB9E5-FD99-40A8-B24F-623BDDBCA427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B873C1-E7D6-4E55-A5A7-85000B686071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "87D2E8DD-4225-476A-AF17-7621C9A28391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "40D913E2-0FBD-4F6C-8A21-43A0681237BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4B869CEB-7637-48C3-8A4C-171CFB766B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "75CF5BC1-7071-48A3-86A9-C843485CAED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*",
"matchCriteriaId": "200DB058-C9F0-4983-AF99-EBB8FC2E7875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*",
"matchCriteriaId": "57697AAD-5264-4C05-89E4-0228DEF2E9DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*",
"matchCriteriaId": "24295270-DCBF-4FF3-88F7-E9A30B6388E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*",
"matchCriteriaId": "22E754F2-5D3D-437E-BB15-693D2EB58DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4232D2-1F70-4A06-BD11-A0DFE6CE0744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0E7811-3B60-46E7-943C-E0E7ED00FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D26799-D038-470A-A468-58DBDB64A7E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3769BD6-B104-4F74-B8C4-89398A8894FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9757DD5E-42A6-44B8-9692-49690F60C8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B5A014-D4EE-4244-AABA-0873492F7295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9F8C2A-A94E-4D99-839B-47AAE8754191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69D29A9E-DB23-4D86-B4A3-3C4F663416AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D86AEE89-9F8E-43A5-A888-F421B10DB2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D335628F-EC07-43BE-9B29-3365A6F64D71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81EE9433-C21F-4902-B37E-CF4FC1132B72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
},
{
"lang": "es",
"value": "La capa Serf RA en Apache Subversion 1.4.0 hasta 1.7.x anterior a 1.7.18 y 1.8.x anterior a 1.8.10 no maneja debidamente los comodines (wildcards) en el campo Common Name (CN) o subjectAltName de un certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores a trav\u00e9s de un certificado manipulado."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/297.html\" target=\"_blank\"\u003eCWE-297: Improper Validation of Certificate with Host Mismatch\u003c/a\u003e",
"id": "CVE-2014-3522",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-19T18:55:02.640",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/59432"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/59584"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60100"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60722"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/109996"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/69237"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2316-1"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/109996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/69237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2316-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204427"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-297"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201408-0086
Vulnerability from variot
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. Supplementary information : CWE Vulnerability type by CWE-297: Improper Validation of Certificate with Host Mismatch ( Improper validation of certificates due to host mismatch ) Has been identified. http://cwe.mitre.org/data/definitions/297.htmlA man-in-the-middle attack can impersonate a server through a crafted certificate. Apache Subversion is prone to an information disclosure vulnerability. This may allow the attacker to obtain or modify sensitive information. Information harvested may aid in further attacks. The system is compatible with the Concurrent Versions System (CVS). The vulnerability stems from the fact that the program does not correctly handle the Common Name ( CN) or a wildcard for the subjectAltName field. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2015:085 http://www.mandriva.com/en/support/security/
Package : subversion Date : March 28, 2015 Affected: Business Server 2.0
Problem Description:
Updated subversion packages fix security vulnerabilities:
The mod_dav_svn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via an OPTIONS request (CVE-2014-0032).
Ben Reser discovered that Subversion did not correctly validate SSL certificates containing wildcards.
Bert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server (CVE-2014-3528).
A NULL pointer dereference flaw was found in the way mod_dav_svn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash mod_dav_svn (CVE-2014-3580).
A NULL pointer dereference flaw was found in the way mod_dav_svn handled URIs for virtual transaction names. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash (CVE-2014-8108).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3522 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 http://advisories.mageia.org/MGASA-2014-0105.html http://advisories.mageia.org/MGASA-2014-0339.html http://advisories.mageia.org/MGASA-2014-0545.html
Updated Packages:
Mandriva Business Server 2/X86_64: 3c1e67f77228815883b105a8e62a10e0 mbs2/x86_64/apache-mod_dav_svn-1.8.11-1.mbs2.x86_64.rpm 35c5f1efb679c09bc48d917b94954713 mbs2/x86_64/lib64svn0-1.8.11-1.mbs2.x86_64.rpm 56722eb7ac7b08654d795a5981ebd210 mbs2/x86_64/lib64svnjavahl1-1.8.11-1.mbs2.x86_64.rpm e1479d1c61864767d56a147bb4ee9b7f mbs2/x86_64/perl-SVN-1.8.11-1.mbs2.x86_64.rpm 7c4d79f31b0559c22cc84f39a06f9da0 mbs2/x86_64/perl-svn-devel-1.8.11-1.mbs2.x86_64.rpm 14720ab01668a9d04b566d5102c09f68 mbs2/x86_64/python-svn-1.8.11-1.mbs2.x86_64.rpm 07db3a7142457efc1e0547fd40bbf03f mbs2/x86_64/python-svn-devel-1.8.11-1.mbs2.x86_64.rpm 8d0511abbed2c57f505183bf00c4ab0d mbs2/x86_64/ruby-svn-1.8.11-1.mbs2.x86_64.rpm 8d062f6dd429b87f2b1d432c92e9a84a mbs2/x86_64/ruby-svn-devel-1.8.11-1.mbs2.x86_64.rpm 31e14a18991a2383065a069d53d3cd4e mbs2/x86_64/subversion-1.8.11-1.mbs2.x86_64.rpm 1ce1c374c428409e8a6380d64b8706f8 mbs2/x86_64/subversion-devel-1.8.11-1.mbs2.x86_64.rpm 052411de41e785decc0bc130e2756eff mbs2/x86_64/subversion-doc-1.8.11-1.mbs2.x86_64.rpm 98c1473e3721e4c9a6996db448c6ff36 mbs2/x86_64/subversion-server-1.8.11-1.mbs2.x86_64.rpm 6ad3881116530af4d889bb6c142d70dc mbs2/x86_64/subversion-tools-1.8.11-1.mbs2.x86_64.rpm 3fb0c871a5771c8fe4c6475b5ac0406c mbs2/x86_64/svn-javahl-1.8.11-1.mbs2.x86_64.rpm 45e0624a89e4c79d4739cd4eb22d9a29 mbs2/SRPMS/subversion-1.8.11-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFl6JmqjQ0CJFipgRAgkVAJ4xKUzteqhyYcBC4AuYoZ7Lv3oQZQCfROhl NaJSaZq4W6qIMwD8fhQF5Ls= =R/mF -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2316-1 August 14, 2014
subversion vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in Subversion.
Software Description: - subversion: Advanced version control system
Details:
Lieven Govaerts discovered that the Subversion mod_dav_svn module incorrectly handled certain request methods when SVNListParentPath was enabled. This issue only affected Ubuntu 12.04 LTS. (CVE-2014-3528)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libsvn1 1.8.8-1ubuntu3.1 subversion 1.8.8-1ubuntu3.1
Ubuntu 12.04 LTS: libapache2-svn 1.6.17dfsg-3ubuntu3.4 libsvn1 1.6.17dfsg-3ubuntu3.4 subversion 1.6.17dfsg-3ubuntu3.4
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2316-1 CVE-2014-0032, CVE-2014-3522, CVE-2014-3528
Package Information: https://launchpad.net/ubuntu/+source/subversion/1.8.8-1ubuntu3.1 https://launchpad.net/ubuntu/+source/subversion/1.6.17dfsg-3ubuntu3.4 .
Gentoo Linux Security Advisory GLSA 201610-05
https://security.gentoo.org/
Severity: Normal Title: Subversion, Serf: Multiple Vulnerabilities Date: October 11, 2016 Bugs: #500482, #518716, #519202, #545348, #556076, #567810, #581448, #586046 ID: 201610-05
Synopsis
Multiple vulnerabilities have been found in Subversion and Serf, the worst of which could lead to execution of arbitrary code.
Background
Subversion is a version control system intended to eventually replace CVS. Like CVS, it has an optional client-server architecture (where the server can be an Apache server running mod_svn, or an ssh program as in CVS's :ext: method). In addition to supporting the features found in CVS, Subversion also provides support for moving and copying files and directories.
The serf library is a high performance C-based HTTP client library built upon the Apache Portable Runtime (APR) library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-vcs/subversion < 1.9.4 >= 1.9.4 *> 1.8.16 2 net-libs/serf < 1.3.7 >= 1.3.7 ------------------------------------------------------------------- 2 affected packages
Description
Multiple vulnerabilities have been discovered in Subversion and Serf. Please review the CVE identifiers referenced below for details
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, conduct a man-in-the-middle attack, obtain sensitive information, or cause a Denial of Service Condition.
Workaround
There is no known workaround at this time.
Resolution
All Subversion users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-vcs/subversion-1.9.4"
All Serf users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/serf-1.3.7"
References
[ 1 ] CVE-2014-0032 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0032 [ 2 ] CVE-2014-3504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3504 [ 3 ] CVE-2014-3522 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3522 [ 4 ] CVE-2014-3528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3528 [ 5 ] CVE-2015-0202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0202 [ 6 ] CVE-2015-0248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0248 [ 7 ] CVE-2015-0251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0251 [ 8 ] CVE-2015-3184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3184 [ 9 ] CVE-2015-3187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3187 [ 10 ] CVE-2015-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5259 [ 11 ] CVE-2016-2167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2167 [ 12 ] CVE-2016-2168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2168
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201610-05
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. CVE-ID CVE-2014-3522 CVE-2014-3528 CVE-2014-3580 CVE-2014-8108
Git Available for: OS X Mavericks v10.9.4 or later Impact: Synching with a malicious git repository may allow unexpected files to be added to the .git folder Description: The checks involved in disallowed paths did not account for case insensitivity or unicode characters. This issue was addressed by adding additional checks. CVE-ID CVE-2014-9390 : Matt Mackall of Mercurial and Augie Fackler of Mercurial
Xcode 6.2 may be obtained from: https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "6.2"
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0086",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "subversion",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.8.9"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.7.17"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.7.9"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.7.7"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.7.6"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.7.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.7.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "1.8.7"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "1.8.0"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "1.8.8"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.8.5"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.8.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.11"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.10"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.23"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.21"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.20"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.19"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.18"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.14"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.13"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.12"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.11"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.10"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.6"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.5"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.8"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.7"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.5"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.4.6"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.8.6"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.8.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.8.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.8.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.8"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.5"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.15"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.14"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.13"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.7.12"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.9"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.8"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.7"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.17"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.16"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.15"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.6.0"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.6"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.5.0"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.4.5"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.4.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.4.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.4.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.4.0"
},
{
"model": "xcode",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.1.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.4.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.7.16"
},
{
"model": "subversion",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "1.8.x"
},
{
"model": "xcode",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x mavericks v10.9.4 or later )"
},
{
"model": "subversion",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "1.4.0 from 1.7.x"
},
{
"model": "ubuntu",
"scope": "eq",
"trust": 0.8,
"vendor": "canonical",
"version": "12.04 lts"
},
{
"model": "ubuntu",
"scope": "eq",
"trust": 0.8,
"vendor": "canonical",
"version": "14.04 lts"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "6.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "1.7.18"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "1.8.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.4.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.5"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.4"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.4"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.3"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.8"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.7"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.6.22"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.9"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.8"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.7"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.6"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.37"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.36"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.35"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.34"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.33"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.31"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.30"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.29"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.28.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.28.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.28"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.27"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.26"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.25"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.24.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.24.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.24"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.23"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.22.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.22.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.22"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.21"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.20.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.20"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.19"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.18.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.18"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.17.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.17"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.16.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.14.5"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.14.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.14.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.14.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.14"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.13.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.13.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.13"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.12"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.11.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.10.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.10.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.4.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.0"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.2"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.0"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.5"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.4"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.9"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.8"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.7"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.6"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.35.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.33.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.32.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.19.1"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.16"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.15"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.14.3"
},
{
"model": "subversion",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.10.0"
},
{
"model": "xcode",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.2"
},
{
"model": "subversion",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.8.10"
},
{
"model": "subversion",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.7.18"
}
],
"sources": [
{
"db": "BID",
"id": "69237"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233"
},
{
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:subversion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:canonical:ubuntu",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:xcode",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ben Reser",
"sources": [
{
"db": "BID",
"id": "69237"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3522",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2014-3522",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-71462",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3522",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3522",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-233",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71462",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3522",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71462"
},
{
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233"
},
{
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. Supplementary information : CWE Vulnerability type by CWE-297: Improper Validation of Certificate with Host Mismatch ( Improper validation of certificates due to host mismatch ) Has been identified. http://cwe.mitre.org/data/definitions/297.htmlA man-in-the-middle attack can impersonate a server through a crafted certificate. Apache Subversion is prone to an information disclosure vulnerability. This may allow the attacker to obtain or modify sensitive information. Information harvested may aid in further attacks. The system is compatible with the Concurrent Versions System (CVS). The vulnerability stems from the fact that the program does not correctly handle the Common Name ( CN) or a wildcard for the subjectAltName field. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2015:085\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : subversion\n Date : March 28, 2015\n Affected: Business Server 2.0\n _______________________________________________________________________\n\n Problem Description:\n\n Updated subversion packages fix security vulnerabilities:\n \n The mod_dav_svn module in Apache Subversion before 1.8.8, when\n SVNListParentPath is enabled, allows remote attackers to cause a\n denial of service (crash) via an OPTIONS request (CVE-2014-0032). \n \n Ben Reser discovered that Subversion did not correctly validate SSL\n certificates containing wildcards. \n \n Bert Huijben discovered that Subversion did not properly handle\n cached credentials. A malicious server could possibly use this issue\n to obtain credentials cached for a different server (CVE-2014-3528). \n \n A NULL pointer dereference flaw was found in the way mod_dav_svn\n handled REPORT requests. A remote, unauthenticated attacker could\n use a crafted REPORT request to crash mod_dav_svn (CVE-2014-3580). \n \n A NULL pointer dereference flaw was found in the way mod_dav_svn\n handled URIs for virtual transaction names. A remote, unauthenticated\n attacker could send a request for a virtual transaction name that\n does not exist, causing mod_dav_svn to crash (CVE-2014-8108). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3522\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528\n http://advisories.mageia.org/MGASA-2014-0105.html\n http://advisories.mageia.org/MGASA-2014-0339.html\n http://advisories.mageia.org/MGASA-2014-0545.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 3c1e67f77228815883b105a8e62a10e0 mbs2/x86_64/apache-mod_dav_svn-1.8.11-1.mbs2.x86_64.rpm\n 35c5f1efb679c09bc48d917b94954713 mbs2/x86_64/lib64svn0-1.8.11-1.mbs2.x86_64.rpm\n 56722eb7ac7b08654d795a5981ebd210 mbs2/x86_64/lib64svnjavahl1-1.8.11-1.mbs2.x86_64.rpm\n e1479d1c61864767d56a147bb4ee9b7f mbs2/x86_64/perl-SVN-1.8.11-1.mbs2.x86_64.rpm\n 7c4d79f31b0559c22cc84f39a06f9da0 mbs2/x86_64/perl-svn-devel-1.8.11-1.mbs2.x86_64.rpm\n 14720ab01668a9d04b566d5102c09f68 mbs2/x86_64/python-svn-1.8.11-1.mbs2.x86_64.rpm\n 07db3a7142457efc1e0547fd40bbf03f mbs2/x86_64/python-svn-devel-1.8.11-1.mbs2.x86_64.rpm\n 8d0511abbed2c57f505183bf00c4ab0d mbs2/x86_64/ruby-svn-1.8.11-1.mbs2.x86_64.rpm\n 8d062f6dd429b87f2b1d432c92e9a84a mbs2/x86_64/ruby-svn-devel-1.8.11-1.mbs2.x86_64.rpm\n 31e14a18991a2383065a069d53d3cd4e mbs2/x86_64/subversion-1.8.11-1.mbs2.x86_64.rpm\n 1ce1c374c428409e8a6380d64b8706f8 mbs2/x86_64/subversion-devel-1.8.11-1.mbs2.x86_64.rpm\n 052411de41e785decc0bc130e2756eff mbs2/x86_64/subversion-doc-1.8.11-1.mbs2.x86_64.rpm\n 98c1473e3721e4c9a6996db448c6ff36 mbs2/x86_64/subversion-server-1.8.11-1.mbs2.x86_64.rpm\n 6ad3881116530af4d889bb6c142d70dc mbs2/x86_64/subversion-tools-1.8.11-1.mbs2.x86_64.rpm\n 3fb0c871a5771c8fe4c6475b5ac0406c mbs2/x86_64/svn-javahl-1.8.11-1.mbs2.x86_64.rpm \n 45e0624a89e4c79d4739cd4eb22d9a29 mbs2/SRPMS/subversion-1.8.11-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFl6JmqjQ0CJFipgRAgkVAJ4xKUzteqhyYcBC4AuYoZ7Lv3oQZQCfROhl\nNaJSaZq4W6qIMwD8fhQF5Ls=\n=R/mF\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2316-1\nAugust 14, 2014\n\nsubversion vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Subversion. \n\nSoftware Description:\n- subversion: Advanced version control system\n\nDetails:\n\nLieven Govaerts discovered that the Subversion mod_dav_svn module\nincorrectly handled certain request methods when SVNListParentPath was\nenabled. This issue only affected Ubuntu\n12.04 LTS. (CVE-2014-3528)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libsvn1 1.8.8-1ubuntu3.1\n subversion 1.8.8-1ubuntu3.1\n\nUbuntu 12.04 LTS:\n libapache2-svn 1.6.17dfsg-3ubuntu3.4\n libsvn1 1.6.17dfsg-3ubuntu3.4\n subversion 1.6.17dfsg-3ubuntu3.4\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2316-1\n CVE-2014-0032, CVE-2014-3522, CVE-2014-3528\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/subversion/1.8.8-1ubuntu3.1\n https://launchpad.net/ubuntu/+source/subversion/1.6.17dfsg-3ubuntu3.4\n. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201610-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Subversion, Serf: Multiple Vulnerabilities\n Date: October 11, 2016\n Bugs: #500482, #518716, #519202, #545348, #556076, #567810,\n #581448, #586046\n ID: 201610-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Subversion and Serf, the\nworst of which could lead to execution of arbitrary code. \n\nBackground\n==========\n\nSubversion is a version control system intended to eventually replace\nCVS. Like CVS, it has an optional client-server architecture (where the\nserver can be an Apache server running mod_svn, or an ssh program as in\nCVS\u0027s :ext: method). In addition to supporting the features found in\nCVS, Subversion also provides support for moving and copying files and\ndirectories. \n\nThe serf library is a high performance C-based HTTP client library\nbuilt upon the Apache Portable Runtime (APR) library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-vcs/subversion \u003c 1.9.4 \u003e= 1.9.4\n *\u003e 1.8.16\n 2 net-libs/serf \u003c 1.3.7 \u003e= 1.3.7\n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Subversion and Serf. \nPlease review the CVE identifiers referenced below for details\n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, conduct a man-in-the-middle attack, obtain\nsensitive information, or cause a Denial of Service Condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Subversion users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-vcs/subversion-1.9.4\"\n\nAll Serf users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-libs/serf-1.3.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-0032\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0032\n[ 2 ] CVE-2014-3504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3504\n[ 3 ] CVE-2014-3522\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3522\n[ 4 ] CVE-2014-3528\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3528\n[ 5 ] CVE-2015-0202\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0202\n[ 6 ] CVE-2015-0248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0248\n[ 7 ] CVE-2015-0251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0251\n[ 8 ] CVE-2015-3184\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3184\n[ 9 ] CVE-2015-3187\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3187\n[ 10 ] CVE-2015-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5259\n[ 11 ] CVE-2016-2167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2167\n[ 12 ] CVE-2016-2168\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2168\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201610-05\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \nCVE-ID\nCVE-2014-3522\nCVE-2014-3528\nCVE-2014-3580\nCVE-2014-8108\n\nGit\nAvailable for: OS X Mavericks v10.9.4 or later\nImpact: Synching with a malicious git repository may allow\nunexpected files to be added to the .git folder\nDescription: The checks involved in disallowed paths did not account\nfor case insensitivity or unicode characters. This issue was\naddressed by adding additional checks. \nCVE-ID\nCVE-2014-9390 : Matt Mackall of Mercurial and Augie Fackler of\nMercurial\n\nXcode 6.2 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"6.2\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3522"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "BID",
"id": "69237"
},
{
"db": "VULHUB",
"id": "VHN-71462"
},
{
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"db": "PACKETSTORM",
"id": "131094"
},
{
"db": "PACKETSTORM",
"id": "127874"
},
{
"db": "PACKETSTORM",
"id": "139060"
},
{
"db": "PACKETSTORM",
"id": "130744"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-71462",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71462"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3522",
"trust": 3.3
},
{
"db": "BID",
"id": "69237",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "60722",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "59432",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "60100",
"trust": 1.8
},
{
"db": "XF",
"id": "95090",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59584",
"trust": 1.2
},
{
"db": "OSVDB",
"id": "109996",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU90171154",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "130744",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-71462",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-3522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131094",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127874",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139060",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71462"
},
{
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"db": "BID",
"id": "69237"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "PACKETSTORM",
"id": "131094"
},
{
"db": "PACKETSTORM",
"id": "127874"
},
{
"db": "PACKETSTORM",
"id": "139060"
},
{
"db": "PACKETSTORM",
"id": "130744"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233"
},
{
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"id": "VAR-201408-0086",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71462"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:18:13.322000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2014-3522-advisory",
"trust": 0.8,
"url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
},
{
"title": "APPLE-SA-2015-03-09-4 Xcode 6.2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"title": "HT204427",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT204427"
},
{
"title": "HT204427",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT204427"
},
{
"title": "Oracle Solaris Third Party Bulletin - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"title": "USN-2316-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/USN-2316-1/"
},
{
"title": "subversion-1.7.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51250"
},
{
"title": "subversion-1.7.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51249"
},
{
"title": "subversion-1.8.10",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51253"
},
{
"title": "subversion-1.7.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51248"
},
{
"title": "subversion-1.8.10",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51252"
},
{
"title": "subversion-1.8.10",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51251"
},
{
"title": "Ubuntu Security Notice: subversion vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2316-1"
},
{
"title": "Apple: Xcode 6.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=28f88d65a83ee45368f37221b1b4ea8f"
},
{
"title": "Amazon Linux AMI: ALAS-2014-413",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-413"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=92308e3c4d305e91c2eba8c9c6835e83"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-297",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71462"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://secunia.com/advisories/60100"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/69237"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-2316-1"
},
{
"trust": 1.8,
"url": "https://subversion.apache.org/security/cve-2014-3522-advisory.txt"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/59432"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/60722"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/95090"
},
{
"trust": 1.3,
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/mar/msg00003.html"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht204427"
},
{
"trust": 1.2,
"url": "http://www.osvdb.org/109996"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/59584"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3522"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90171154/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3522"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3522"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3528"
},
{
"trust": 0.3,
"url": "http://subversion.apache.org/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127063"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-us/ht204427"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2316-1/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0032"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/297.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2316-1/"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0339.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0545.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0032"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0105.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3528"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/subversion/1.8.8-1ubuntu3.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/subversion/1.6.17dfsg-3ubuntu3.4"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5259"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0251"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0248"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2168"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2168"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2167"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2167"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3184"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3184"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0202"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3522"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3528"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3580"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9390"
},
{
"trust": 0.1,
"url": "https://developer.apple.com/xcode/downloads/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71462"
},
{
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"db": "BID",
"id": "69237"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "PACKETSTORM",
"id": "131094"
},
{
"db": "PACKETSTORM",
"id": "127874"
},
{
"db": "PACKETSTORM",
"id": "139060"
},
{
"db": "PACKETSTORM",
"id": "130744"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233"
},
{
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-71462"
},
{
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"db": "BID",
"id": "69237"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"db": "PACKETSTORM",
"id": "131094"
},
{
"db": "PACKETSTORM",
"id": "127874"
},
{
"db": "PACKETSTORM",
"id": "139060"
},
{
"db": "PACKETSTORM",
"id": "130744"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233"
},
{
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-71462"
},
{
"date": "2014-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"date": "2014-08-14T00:00:00",
"db": "BID",
"id": "69237"
},
{
"date": "2014-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"date": "2015-03-30T21:22:48",
"db": "PACKETSTORM",
"id": "131094"
},
{
"date": "2014-08-14T22:50:50",
"db": "PACKETSTORM",
"id": "127874"
},
{
"date": "2016-10-12T04:50:20",
"db": "PACKETSTORM",
"id": "139060"
},
{
"date": "2015-03-10T16:22:37",
"db": "PACKETSTORM",
"id": "130744"
},
{
"date": "2014-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-233"
},
{
"date": "2014-08-19T18:55:02.640000",
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-71462"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3522"
},
{
"date": "2016-10-26T01:16:00",
"db": "BID",
"id": "69237"
},
{
"date": "2015-10-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003864"
},
{
"date": "2014-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-233"
},
{
"date": "2024-11-21T02:08:17.650000",
"db": "NVD",
"id": "CVE-2014-3522"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "131094"
},
{
"db": "PACKETSTORM",
"id": "127874"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-233"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Subversion of Serf RA Vulnerability impersonating server in layer",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003864"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "69237"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…