CVE-2015-3187
published 2015-08-12CVE-2015-3187: The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote…
medium4CVSS 3.1
AVNACLAuSCPINAN
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | subversion | <= 1.7.20 | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | >= 0 < 1.9.0-1 | 1.9.0-1 |
| apache | subversion | >= 0 < 1.9.0-1 | 1.9.0-1 |
| apache | subversion | >= 0 < 1.9.0-1 | 1.9.0-1 |
| apache | subversion | >= 0 < 1.9.0-1 | 1.9.0-1 |
| apache | subversion | >= 0 < 1.8.8-1ubuntu3.2 | 1.8.8-1ubuntu3.2 |
| apple | xcode | <= 7.2.1 | — |
| apple | xcode | — | — |
| debian | subversion | < subversion 1.9.0-1 (bookworm) | subversion 1.9.0-1 (bookworm) |
CVSS provenance
nvd4.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
osv5.0MEDIUM