CVE-2015-0248

Currently unrated

Key Information:

Vendor: Apache
Status: Subversion
Vendor: CVE Published:; 8 April 2015

Summary

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

References

http://rhn.redhat.com/errata/RHSA-2015-1742.html

vendor-advisoryx_refsource_REDHAT

http://www.debian.org/security/2015/dsa-3231

vendor-advisoryx_refsource_DEBIAN

http://rhn.redhat.com/errata/RHSA-2015-1633.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 8, 2015
Vulnerability Reserved
Nov 18, 2014