CVE-2010-4644Missing Release of Memory after Effective Lifetime in Apache Subversion

CWE-39911 documents9 sources
Severity
3.5LOWNVD
EPSS
1.4%
top 19.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Subversion
Timeline
PublishedJan 7
Latest updateMay 17

Description

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages2 packages

Debianapache/subversion< 1.6.12dfsg-3+3
NVDapache/subversion1.6.14+110

🔴Vulnerability Details

3
GHSA
GHSA-hhpj-h4jc-w378: Multiple memory leaks in rev_hunt2022-05-17
OSV
CVE-2010-4644: Multiple memory leaks in rev_hunt2011-01-07
CVEList
CVE-2010-4644: Multiple memory leaks in rev_hunt2011-01-07

📋Vendor Advisories

4
Ubuntu
Subversion vulnerabilities2011-02-01
Red Hat
Subversion: DoS (memory consumption) by processing blame or log -g requests on certain files2010-11-04
Debian
CVE-2010-4644: subversion - Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow rem...2010
Apache
Apache subversion: CVE-2010-4644

💬Community

3
Bugzilla
CVE-2010-4644 Subversion: DoS (memory consumption) by processing blame or log -g requests on certain files2011-01-06
Bugzilla
CVE-2010-4539 CVE-2010-4644 subversion various flaws [fedora-13]2011-01-06
Bugzilla
CVE-2010-1455 wireshark: DOCSIS dissector crash2010-05-10
CVE-2010-4644 — Apache Subversion vulnerability | cvebase