First published: Mon Oct 30 2017(Updated: )
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Subversion | =1.8.0 | |
Apache Subversion | =1.8.0-rc1 | |
Apache Subversion | =1.8.0-rc2 | |
Apache Subversion | =1.8.0-rc3 | |
Apache Subversion | =1.8.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this Apache Subversion vulnerability is CVE-2013-4246.
The severity level of CVE-2013-4246 is high (8.8).
CVE-2013-4246 might allow remote authenticated users to corrupt FSFS repositories, causing a denial of service or obtaining sensitive information.
Apache Subversion 1.8.0, 1.8.0-rc1, 1.8.0-rc2, and 1.8.0-rc3 are affected by CVE-2013-4246.
To fix CVE-2013-4246, upgrade to Apache Subversion 1.8.2 or a later version.