Home

CVE-2015-3187

Description

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.944

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2015-3184,CVE-2015-3187,CVE-2016-1765 are affected in Command Line Tools for XCode for Mac 7.2.1Mac
subversion security update(DSA-3331-1) subversion_1.6.17dfsg-4+deb7u10_i386.debLinux
subversion security update(DSA-3561-1) subversion_1.8.10-6+deb8u4_i386.debLinux
Subversion security update (CESA-2015:1633) subversion-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) subversion-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) mod_dav_svn-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) mod_dav_svn-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) subversion-kde-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) subversion-kde-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) subversion-perl-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) subversion-perl-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) subversion-ruby-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) subversion-ruby-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) subversion-devel-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) subversion-devel-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) subversion-gnome-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) subversion-gnome-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) subversion-javahl-1.6.11-15.el6_7.i686.rpmLinux
Subversion security update (CESA-2015:1633) subversion-javahl-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion security update (CESA-2015:1633) subversion-svn2cl-1.6.11-15.el6_7.noarch.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update mod_dav_svn-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update mod_dav_svn-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-devel-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-devel-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-gnome-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-gnome-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-javahl-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-javahl-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-kde-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-kde-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-perl-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-perl-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-ruby-1.6.11-15.el6_7.i686.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-ruby-1.6.11-15.el6_7.x86_64.rpmLinux
(RHSA-2015:1633) Moderate: subversion security update subversion-svn2cl-1.6.11-15.el6_7.noarch.rpmLinux
Mod_dav_svn update (ELSA-2015-1633) mod_dav_svn-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion update (ELSA-2015-1633) subversion-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion-devel update (ELSA-2015-1633) subversion-devel-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion-gnome update (ELSA-2015-1633) subversion-gnome-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion-javahl update (ELSA-2015-1633) subversion-javahl-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion-kde update (ELSA-2015-1633) subversion-kde-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion-perl update (ELSA-2015-1633) subversion-perl-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion-ruby update (ELSA-2015-1633) subversion-ruby-1.6.11-15.el6_7.x86_64.rpmLinux
Subversion-svn2cl update (ELSA-2015-1633) subversion-svn2cl-1.6.11-15.el6_7.noarch.rpmLinux
Mod_dav_svn update (ELSA-2015-1633) mod_dav_svn-1.6.11-15.el6_7.i686.rpmLinux
Subversion update (ELSA-2015-1633) subversion-1.6.11-15.el6_7.i686.rpmLinux
Subversion-devel update (ELSA-2015-1633) subversion-devel-1.6.11-15.el6_7.i686.rpmLinux
Subversion-gnome update (ELSA-2015-1633) subversion-gnome-1.6.11-15.el6_7.i686.rpmLinux
Subversion-javahl update (ELSA-2015-1633) subversion-javahl-1.6.11-15.el6_7.i686.rpmLinux
Subversion-kde update (ELSA-2015-1633) subversion-kde-1.6.11-15.el6_7.i686.rpmLinux
Subversion-perl update (ELSA-2015-1633) subversion-perl-1.6.11-15.el6_7.i686.rpmLinux
Subversion-ruby update (ELSA-2015-1633) subversion-ruby-1.6.11-15.el6_7.i686.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-607901Command Line Tools for XCode for Mac 15.3 (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234