Back to search
CVE-2022-24070
Published: Apr 12, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache Subversion | affected 1.10.0 to 1.14.1 |
Weaknesses (CWE)
References
https://issues.apache.org/jira/browse/SVN-4880
x_refsource_MISC
https://bz.apache.org/bugzilla/show_bug.cgi?id=65861
x_refsource_MISC
https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife
x_refsource_MISC
DSA-5119
vendor-advisory
x_refsource_DEBIAN
FEDORA-2022-13cc09ecf2
vendor-advisory
x_refsource_FEDORA
FEDORA-2022-2af658b090
vendor-advisory
x_refsource_FEDORA
https://support.apple.com/kb/HT213345
x_refsource_CONFIRM
20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now