CVE-2014-3580

EPSS 13.7%

subversion - security update

發布日:2014/12/18修改日:2026/4/28

描述

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

受影響套件(3)

Debian/subversionfrom 0, < 1.8.10-5
Debian/subversionfrom 0, < 1.6.12dfsg-7+deb6u1
Debian/subversionfrom 0, < 1.6.17dfsg-4+deb7u7

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-3580