Lucene search

K
cvelistApacheCVELIST:CVE-2022-24070
HistoryApr 12, 2022 - 5:50 p.m.

CVE-2022-24070 Apache Subversion mod_dav_svn is vulnerable to memory corruption

2022-04-1217:50:14
CWE-416
apache
www.cve.org
4
cve-2022-24070
apache subversion
mod_dav_svn
memory corruption
vulnerability
path-based authorization rules
servers

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

50.4%

Subversion’s mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.

CNA Affected

[
  {
    "product": "Apache Subversion",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "1.10.0 to 1.14.1"
      }
    ]
  }
]