CVE-2024-46901

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Dec 9, 2024
CWE ID 116
CWE ID 20

Summary

CVE-2024-46901 is a vulnerability affecting Apache Subversion repositories served via mod_dav_svn. Maliciously crafted filenames with control characters can bypass validation checks, enabling authenticated users with commit access to commit corrupted revisions. This disruption impacts repository users. Versions up to and including Subversion 1.14.4 are vulnerable. Upgrading to version 1.14.5 is recommended as it addresses this issue. Repositories served through other access methods remain unaffected.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Apache Subversion

Affected Vendors

  • Apache Software Foundation