svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. Rated low severity (CVSS 2.4). No vendor patch available.
Information Disclosure
Subversion
NVD
CVSS 2.0
2.4
EPSS
0.3%
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the. Rated low severity (CVSS 2.4). No vendor patch available.
Information Disclosure
Subversion
NVD
CVSS 2.0
2.4
EPSS
0.2%