CVE-2015-3187

EPSS 0.94%

subversion - security update

Published: 8/12/2015Modified: 4/28/2026

Also known as:DEBIAN-CVE-2015-3187

Description

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.

Affected packages (2)

Debian/subversionfrom 0, < 1.9.0-1
Debian/subversionfrom 0, < 1.6.12dfsg-7+deb6u3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-3187