What is the severity of CVE-2024-46901?

The severity of CVE-2024-46901 is considered medium due to its potential impact on the integrity of Subversion repositories.

How do I fix CVE-2024-46901?

To fix CVE-2024-46901, upgrade Apache Subversion to a version newer than 1.14.4 that addresses the vulnerability.

What versions of Apache Subversion are affected by CVE-2024-46901?

All versions of Apache Subversion up to and including 1.14.4 are affected by CVE-2024-46901.

What is the impact of CVE-2024-46901 on Subversion repositories?

The impact of CVE-2024-46901 allows authenticated users with commit access to introduce corrupted revisions, potentially disrupting repository usage.

Can unauthorized users exploit CVE-2024-46901?

No, CVE-2024-46901 requires authenticated users with commit access to exploit the vulnerability.

Vulnerability/
CVE-2024-46901

low

3.1

CWE

20 116

9/12/2024

13/4/2025

CVE-2024-46901: Apache Subversion: mod_dav_svn denial-of-service via control characters in paths

First published: Mon Dec 09 2024(Updated: )

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue. Repositories served via other access methods are not affected.

Credit: security@apache.org

Affected Software	Affected Version	How to fix
Subversion	<=1.14.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-46901?
The severity of CVE-2024-46901 is considered medium due to its potential impact on the integrity of Subversion repositories.
How do I fix CVE-2024-46901?
To fix CVE-2024-46901, upgrade Apache Subversion to a version newer than 1.14.4 that addresses the vulnerability.
What versions of Apache Subversion are affected by CVE-2024-46901?
All versions of Apache Subversion up to and including 1.14.4 are affected by CVE-2024-46901.
What is the impact of CVE-2024-46901 on Subversion repositories?
The impact of CVE-2024-46901 allows authenticated users with commit access to introduce corrupted revisions, potentially disrupting repository usage.
Can unauthorized users exploit CVE-2024-46901?
No, CVE-2024-46901 requires authenticated users with commit access to exploit the vulnerability.

agent/title
agent/weakness
agent/references
agent/description
agent/type
agent/first-publish-date
agent/author
agent/severity
agent/event
agent/trending
agent/source
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
vendor/apache
canonical/subversion

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.