CVE-2024-46901
CVSS 3.1 Score 3.1 of 10 (low)
Details
Published Dec 9, 2024
CWE ID 116
CWE ID 20
Summary
CVE-2024-46901 is a vulnerability affecting Apache Subversion repositories served via mod_dav_svn. Maliciously crafted filenames with control characters can bypass validation checks, enabling authenticated users with commit access to commit corrupted revisions. This disruption impacts repository users. Versions up to and including Subversion 1.14.4 are vulnerable. Upgrading to version 1.14.5 is recommended as it addresses this issue. Repositories served through other access methods remain unaffected.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Apache Subversion
Affected Vendors
- Apache Software Foundation