Use After Free Affecting mod_dav_svn Open this link in a new tab package, versions <0:1.14.1-2.module+el8.6.0+20681+68ff3996
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
20 May 2022
12 Apr 2022
Introduced: 12 Apr 2022CVE-2022-24070 Open this link in a new tab
How to fix?
mod_dav_svn to version 0:1.14.1-2.module+el8.6.0+20681+68ff3996 or higher.
This issue was patched in
Note: Versions mentioned in the description apply to the upstream
How to fix? for
Oracle:8 relevant versions.
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.