High severity7.6NVD Advisory· Published Apr 14, 2016· Updated Jun 17, 2026
CVE-2015-5343
CVE-2015-5343
Description
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*range: >=1.7.0,<=1.7.20
- (no CPE)range: >=1.7.0, <1.8.15, >=1.9.0, <1.9.3
- osv-coords5 versionspkg:rpm/opensuse/subversion&distro=openSUSE%20Tumbleweedpkg:rpm/suse/subversion&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/subversion&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/subversion&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/subversion&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 1.9.5-1.1+ 4 more
- (no CPE)range: < 1.9.5-1.1
- (no CPE)range: < 1.8.10-18.2
- (no CPE)range: < 1.8.10-18.2
- (no CPE)range: < 1.8.19-25.3.1
- (no CPE)range: < 1.8.19-25.3.1
Patches
Vulnerability mechanics
References
4- subversion.apache.org/security/CVE-2015-5343-advisory.txtnvdVendor Advisory
- www.debian.org/security/2015/dsa-3424nvdThird Party Advisory
- www.securitytracker.com/id/1034470nvdThird Party AdvisoryVDB Entry
- www.slackware.com/security/viewer.phpnvdThird Party Advisory
News mentions
0No linked articles in our index yet.