Lucene search
RedhatCVE-2015-0202HistoryApr 08, 2015 - 6:59 p.m.
CVE-2015-0202
2015-04-0818:59:00
CWE-399
redhat
web.nvd.nist.gov
41
mod_dav_svn
subversion
denial of service
memory consumption
cve-2015-0202
nvd
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
7.9
Confidence
High
EPSS
0.008
Percentile
82.3%
The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
Affected configurations
Node
apachesubversionMatch1.8.0
ORapachesubversionMatch1.8.1
ORapachesubversionMatch1.8.2
ORapachesubversionMatch1.8.3
ORapachesubversionMatch1.8.4
ORapachesubversionMatch1.8.5
ORapachesubversionMatch1.8.6
ORapachesubversionMatch1.8.7
ORapachesubversionMatch1.8.8
ORapachesubversionMatch1.8.9
ORapachesubversionMatch1.8.10
ORapachesubversionMatch1.8.11
Node
opensuseopensuseMatch13.1
ORopensuseopensuseMatch13.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | subversion | 1.8.0 | cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:* |
| apache | subversion | 1.8.1 | cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:* |
| apache | subversion | 1.8.2 | cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:* |
| apache | subversion | 1.8.3 | cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:* |
| apache | subversion | 1.8.4 | cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:* |
| apache | subversion | 1.8.5 | cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:* |
| apache | subversion | 1.8.6 | cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:* |
| apache | subversion | 1.8.7 | cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:* |
| apache | subversion | 1.8.8 | cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:* |
| apache | subversion | 1.8.9 | cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:* |
References
Related
prion
prion
Design/Logic Flaw
2015-04-08 18:59:00
openvas
openvas
Apache Subversion 1.8.x DoS Vulnerability (May 2015)
2015-05-06 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-587)
2015-09-08 00:00:00
Fedora Update for subversion FEDORA-2015-11795
2015-07-30 00:00:00
cvelist
cvelist
CVE-2015-0202
2015-04-08 18:00:00
ubuntucve
ubuntucve
CVE-2015-0202
2015-04-08 00:00:00
nvd
nvd
CVE-2015-0202
2015-04-08 18:59:00
debiancve
debiancve
CVE-2015-0202
2015-04-08 18:59:00
securityvulns
securityvulns
[ MDVSA-2015:192 ] subversion
2015-04-07 00:00:00
Apache Subversion multiple security vulnerabilities
2015-04-07 00:00:00
[USN-2721-1] Subversion vulnerabilities
2015-08-24 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: subversion-1.8.13-7.fc21
2015-07-29 01:54:00
nessus
nessus
Mandriva Linux Security Advisory : subversion (MDVSA-2015:192)
2015-04-03 00:00:00
openSUSE Security Update : subversion (openSUSE-2015-289)
2015-04-08 00:00:00
Amazon Linux AMI : subversion / mod_dav_svn (ALAS-2015-587)
2015-08-26 00:00:00
mageia
mageia
Updated subversion packages fix security vulnerabilities
2015-05-03 03:19:16
amazon
amazon
Medium: subversion, mod_dav_svn
2015-08-24 22:27:00
freebsd
freebsd
subversion -- DoS vulnerabilities
2015-03-31 00:00:00
ubuntu
ubuntu
Subversion vulnerabilities
2015-08-20 00:00:00
gentoo
gentoo
Subversion, Serf: Multiple Vulnerabilities
2016-10-11 00:00:00
suse
suse
Security update for subversion (important)
2017-08-17 12:10:12
osv
osv
libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media
2024-06-15 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
7.9
Confidence
High
EPSS
0.008
Percentile
82.3%
Related for CVE-2015-0202