CVE-2024-46901
CVSS V2 None
CVSS V3 None
Description
Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository.
All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue.
Repositories served via other access methods are not affected.
Overview
- CVE ID
- CVE-2024-46901
- Assigner
- apache
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-09T09:36:52.445Z
- Last Modified Date
- 2024-12-09T15:23:24.851Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://subversion.apache.org/security/CVE-2024-46901-advisory.txt | vendor-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-46901 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46901 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-12-10 13:33:53 | Added to TrackCVE |