Apache Subversion
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Apache Subversion.
By the Year
In 2025 there have been 0 vulnerabilities in Apache Subversion. Last year, in 2024 Subversion had 2 security vulnerabilities published. Right now, Subversion is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 2 | 7.80 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 5.90 |
| 2021 | 1 | 7.50 |
| 2020 | 0 | 0.00 |
| 2019 | 3 | 7.17 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Subversion vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Subversion Security Vulnerabilities
Apache Subversion mod_dav_svn Filename Validation Bypass Vulnerability
CVE-2024-46901
- December 09, 2024
Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue. Repositories served via other access methods are not affected.
Improper Input Validation
On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables (e.g
CVE-2024-45720
7.8 - High
- October 09, 2024
On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables (e.g., svn.exe, etc.) may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line argument string is processed. All versions of Subversion up to and including Subversion 1.14.3 are affected on Windows platforms only. Users are recommended to upgrade to version Subversion 1.14.4, which fixes this issue. Subversion is not affected on UNIX-like platforms.
Shell injection
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths
CVE-2021-28544
4.3 - Medium
- April 12, 2022
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact that the node was copied. Only the 'copyfrom' path is revealed; not its contents. Both httpd and svnserve servers are vulnerable.
Information Disclosure
Subversion's mod_dav_svn is vulnerable to memory corruption
CVE-2022-24070
7.5 - High
- April 12, 2022
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.
Dangling pointer
Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL
CVE-2020-17525
7.5 - High
- March 17, 2021
Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7
NULL Pointer Dereference
In Apache Subversion versions up to and including 1.9.10
CVE-2019-0203
7.5 - High
- September 26, 2019
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
Improper Input Validation
In Apache Subversion versions up to and including 1.9.10
CVE-2018-11782
6.5 - Medium
- September 26, 2019
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
Improper Input Validation
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
CVE-2018-11803
7.5 - High
- February 05, 2019
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
Access of Uninitialized Pointer
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled
CVE-2013-4558
- December 07, 2013
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service (assertion failure and Apache process abort) via a non-canonical URL in a request, as demonstrated using a trailing /.
Improper Input Validation
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15
CVE-2010-4644
- January 07, 2011
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
Resource Management Errors
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors
CVE-2010-4539
- January 07, 2011
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
Resource Management Errors
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Subversion or by Apache? Click the Watch button to subscribe.
