CVE-2024-46901

LOW Year: 2024
CVSS v3 Score
3.1
Low
Weakness Type
CWE-20
View all →

Vulnerability Description

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue. Repositories served via other access methods are not affected.

Related Vulnerabilities

CVE-2016-9009

LOW
CVSS:3.1(Low)

IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.

CWE-202016

CVE-2018-10947

LOW
CVSS:3.1(Low)

An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted.

CWE-202018

CVE-2020-7957

LOW
CVSS:3.1(Low)

The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing > character exists. This causes a deni...

CWE-202020

CVE-2021-38957

LOW
CVSS:3.1(Low)

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040.

CWE-202021

CVE-2024-41945

LOW
CVSS:3.1(Low)

fuels-ts is a library for interacting with Fuel v2. The typescript SDK has no awareness of to-be-spent transactions causing some transactions to fail or silently get pruned as they are funded with alr...

CWE-202024

CVE-2024-50343

LOW
CVSS:3.1(Low)

symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a `Validator` configured with a regular expression using the `$` metachara...

CWE-202024