Количество 10
Количество 10
BDU:2017-02070
Уязвимость служб svn:externals и svn:sync-from-url централизованной системы управления версиями Subversion, позволяющая нарушителю выполнить произвольную shell-команду
CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.
CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.
CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.
CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion client ...
openSUSE-SU-2017:2183-1
Security update for subversion
GHSA-34wf-vr8w-7xh4
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.
ELSA-2017-2480
ELSA-2017-2480: subversion security update (IMPORTANT)
SUSE-SU-2017:2163-1
Security update for subversion
SUSE-SU-2017:2200-1
Security update for subversion
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2017-02070 Уязвимость служб svn:externals и svn:sync-from-url централизованной системы управления версиями Subversion, позволяющая нарушителю выполнить произвольную shell-команду | CVSS2: 7.5 | 50% Средний | больше 8 лет назад |
 | CVE-2017-9800 A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. | CVSS3: 9.8 | 50% Средний | больше 8 лет назад |
 | CVE-2017-9800 A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. | CVSS3: 6.3 | 50% Средний | больше 8 лет назад |
 | CVE-2017-9800 A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. | CVSS3: 9.8 | 50% Средний | больше 8 лет назад |
| CVE-2017-9800 A maliciously constructed svn+ssh:// URL would cause Subversion client ... | CVSS3: 9.8 | 50% Средний | больше 8 лет назад |
 | openSUSE-SU-2017:2183-1 Security update for subversion | 50% Средний | около 8 лет назад | |
| GHSA-34wf-vr8w-7xh4 A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. | CVSS3: 9.8 | 50% Средний | больше 3 лет назад |
| ELSA-2017-2480 ELSA-2017-2480: subversion security update (IMPORTANT) | около 8 лет назад | ||
| SUSE-SU-2017:2163-1 Security update for subversion | больше 8 лет назад | ||
| SUSE-SU-2017:2200-1 Security update for subversion | около 8 лет назад |
Уязвимостей на страницу