canonical ubuntu-linux CVE-2022-24070 vulnerability in Canonical and Other Products
Published on April 12, 2022

Apache Subversion mod_dav_svn is vulnerable to memory corruption

product logo product logo product logo product logo product logo
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2022-24070 has been classified to as a Dangling pointer vulnerability or weakness.


Products Associated with CVE-2022-24070

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-24070 are published in these products:

Canonical Ubuntu Linux
 
Apache Subversion
 
Debian Linux
 
Fedora Project Fedora
 
Apple macOS
 

Affected Versions

Apache Software Foundation Apache Subversion Version 1.10.0 to 1.14.1 is affected by CVE-2022-24070

Exploit Probability

EPSS
0.88%
Percentile
75.07%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.