Path-Based Authorization Flaw in Apache Subversion
CVE-2015-3187

Currently unrated

Key Information:

Vendor

Apache
Status
Subversion
Vendor
CVE Published:
12 August 2015

What is CVE-2015-3187?

The svn_repos_trace_node_locations function in Apache Subversion contains a flaw that allows remote authenticated users to gain access to sensitive path information. This occurs when path-based authorization is enabled and users are able to read the history of a node that has been moved from a hidden path. Such exposure could potentially lead to the unauthorized retrieval of critical operational data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://rhn.redhat.com/errata/RHSA-2015-1742.html
vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1633.html
vendor-advisoryx_refsource_REDHAT
https://support.apple.com/HT206172
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.