collabnet 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk input validation and vendor risk denial of service があり、vendor surface production workloads and vendor surface software deployment の利用場面で vendor impact unexpected behavior などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2013-2112 | The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection. | [email protected] | 7.8 | 3.70% | 2013-07-31 | 2026-04-29 |
| CVE-2013-2088 | contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename. | [email protected] | 7.1 | 6.49% | 2013-07-31 | 2026-04-29 |
| CVE-2013-1968 | Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name. | [email protected] | 5.5 | 1.24% | 2013-07-31 | 2026-04-29 |
| CVE-2012-2603 | The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client. | [email protected] | 6.5 | 0.51% | 2012-06-08 | 2026-04-29 |
| CVE-2011-0410 | CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by (1) sniffing the network for transmissions of Java objects or (2) reading the database. | [email protected] | 5.0 | 0.44% | 2011-01-24 | 2026-04-29 |