- Description
- Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue. Repositories served via other access methods are not affected.
- Source
- security@apache.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 3.1
- Impact score
- 1.4
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
- Severity
- LOW
- security@apache.org
- CWE-20
- Hype score
- Not currently trending
CVE-2024-46901 Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access… https://t.co/xOfrBmLKvV
@CVEnew
9 Dec 2024
303 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Subversion 1.14.5 released https://t.co/UJLTeQL1n2 Stable bugfix and security release of the Apache Subversion open source version control system. Fixes CVE-2024-46901: mod_dav_svn denial-of-service via control characters in paths.
@oss_security
9 Dec 2024
246 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes