← Back

CVE-2015-0251

nvd nist
Published: Apr 8, 2015Modified: May 6, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:N/I:P/A:N
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.

Affected (73)

Show all products
Apache: Subversion · Opensuse: Opensuse · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation · Oracle: Solaris · Apple: Xcode
Apache
1 product
Subversion
Opensuse
1 product
Opensuse
Redhat
5 products
Enterprise Linux Desktop
Enterprise Linux Hpc Node
Enterprise Linux Server
Enterprise Linux Server Eus
Enterprise Linux Workstation
Oracle
1 product
Solaris
Apple
1 product
Xcode
Configuration A
64 vulnerable
Vulnerable SoftwareAffected Versions
Apache
Subversion
Version 1.5.0
Subversion
Version 1.5.1
Subversion
Version 1.5.2
Subversion
Version 1.5.3
Subversion
Version 1.5.4
Subversion
Version 1.5.5
Subversion
Version 1.5.6
Subversion
Version 1.5.7
Subversion
Version 1.5.8
Subversion
Version 1.6.0
Subversion
Version 1.6.10
Subversion
Version 1.6.11
Subversion
Version 1.6.12
Subversion
Version 1.6.13
Subversion
Version 1.6.14
Subversion
Version 1.6.15
Subversion
Version 1.6.16
Subversion
Version 1.6.17
Subversion
Version 1.6.18
Subversion
Version 1.6.19
Subversion
Version 1.6.1
Subversion
Version 1.6.20
Subversion
Version 1.6.21
Subversion
Version 1.6.23
Subversion
Version 1.6.2
Subversion
Version 1.6.3
Subversion
Version 1.6.4
Subversion
Version 1.6.5
Subversion
Version 1.6.6
Subversion
Version 1.6.7
Subversion
Version 1.6.8
Subversion
Version 1.6.9
Subversion
Version 1.7.0
Subversion
Version 1.7.10
Subversion
Version 1.7.11
Subversion
Version 1.7.12
Subversion
Version 1.7.13
Subversion
Version 1.7.14
Subversion
Version 1.7.15
Subversion
Version 1.7.16
Subversion
Version 1.7.17
Subversion
Version 1.7.18
Subversion
Version 1.7.19
Subversion
Version 1.7.1
Subversion
Version 1.7.2
Subversion
Version 1.7.3
Subversion
Version 1.7.4
Subversion
Version 1.7.5
Subversion
Version 1.7.6
Subversion
Version 1.7.7
Subversion
Version 1.7.8
Subversion
Version 1.7.9
Subversion
Version 1.8.0
Subversion
Version 1.8.10
Subversion
Version 1.8.11
Subversion
Version 1.8.1
Subversion
Version 1.8.2
Subversion
Version 1.8.3
Subversion
Version 1.8.4
Subversion
Version 1.8.5
Subversion
Version 1.8.6
Subversion
Version 1.8.7
Subversion
Version 1.8.8
Subversion
Version 1.8.9
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 13.1
Opensuse
Version 13.2
Configuration C
5 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop
Version 6.0
Enterprise Linux Hpc Node
Version 6.0
Enterprise Linux Server
Version 6.0
Enterprise Linux Server Eus
Version 6.7.z
Enterprise Linux Workstation
Version 6.0
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Solaris
Version 11.3
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Xcode
Version 7.0

Related CWEs

CWE-345
Insufficient Verification of Data Authenticity
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

References (28)

Source: secalert@redhat.com
Mailing List
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.