What is the severity of CVE-2024-45720?

CVE-2024-45720 has been classified as a moderate severity vulnerability due to its potential for command line argument injection.

How do I fix CVE-2024-45720?

To mitigate CVE-2024-45720, upgrade to Apache Subversion version 1.14.4 or later, which addresses this vulnerability.

What platforms are affected by CVE-2024-45720?

CVE-2024-45720 specifically affects Windows platforms running Apache Subversion executables.

What types of vulnerabilities does CVE-2024-45720 involve?

CVE-2024-45720 involves argument injection vulnerabilities that can lead to unexpected command line execution.

What should I do if I am using an affected version of Apache Subversion regarding CVE-2024-45720?

If using an affected version of Apache Subversion, immediately upgrade to a secure version to prevent exploitation of CVE-2024-45720.

Vulnerability/
CVE-2024-45720

high

8.2

CWE

8/10/2024

9/10/2024

11/2/2025

CVE-2024-45720: Apache Subversion: Command line argument injection on Windows platforms

First published: Tue Oct 08 2024(Updated: )

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables (e.g., svn.exe, etc.) may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line argument string is processed. All versions of Subversion up to and including Subversion 1.14.3 are affected on Windows platforms only. Users are recommended to upgrade to version Subversion 1.14.4, which fixes this issue. Subversion is not affected on UNIX-like platforms.

Credit: security@apache.org

Affected Software	Affected Version	How to fix
Subversion	<=1.14.3
All of
Subversion	<1.14.4
Microsoft Windows

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-45720?
CVE-2024-45720 has been classified as a moderate severity vulnerability due to its potential for command line argument injection.
How do I fix CVE-2024-45720?
To mitigate CVE-2024-45720, upgrade to Apache Subversion version 1.14.4 or later, which addresses this vulnerability.
What platforms are affected by CVE-2024-45720?
CVE-2024-45720 specifically affects Windows platforms running Apache Subversion executables.
What types of vulnerabilities does CVE-2024-45720 involve?
CVE-2024-45720 involves argument injection vulnerabilities that can lead to unexpected command line execution.
What should I do if I am using an affected version of Apache Subversion regarding CVE-2024-45720?
If using an affected version of Apache Subversion, immediately upgrade to a secure version to prevent exploitation of CVE-2024-45720.

collector/oss-sec
source/oss-sec
alias/CVE-2024-45720
agent/title
agent/first-publish-date
agent/weakness
agent/type
agent/description
agent/author
collector/mitre-cve
source/MITRE
agent/trending
agent/source
agent/last-modified-date
agent/severity
agent/references
agent/event
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
vendor/apache
canonical/subversion
vendor/microsoft
canonical/microsoft windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.