Apache : Security Vulnerabilities, CVEs, Published In August 2015 (Information Leak)
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.
Max CVSS
4.0
EPSS Score
0.12%
Published
2015-08-12
Updated
2017-07-01
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.
Max CVSS
5.0
EPSS Score
0.38%
Published
2015-08-12
Updated
2017-07-01
2 vulnerabilities found