CVE-2013-4505

EPSS 1.6%

Published: 12/7/2013Modified: 4/28/2026

Description

The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.

Affected packages (1)

Debian/subversionfrom 0, < 1.7.14-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4505