CVE-2016-6312 in Subversioninfo

Summary

The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remote authenticated users with access to the webdav repository to cause a denial of service (memory consumption and httpd crash). NOTE: Exists as a regression to CVE-2009-1955.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

07/26/2016

Disclosure

07/17/2017

Moderation

VulDB entry created

Entries

VDB-103563 (1)

CPE

ready

CWE

CWE-400 (Confirmed)

CVSS

5.4

EPSS

0.00515

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6312
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6312
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6312/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!