{"id":"CVE-2013-4505","details":"The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.","modified":"2026-04-16T01:43:58.027262016Z","published":"2013-12-07T20:55:02Z","withdrawn":"2026-01-27T04:12:16.837217Z","related":["SUSE-SU-2015:0709-1","openSUSE-SU-2024:10538-1"],"references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/55855"},{"type":"FIX","url":"http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"},{"type":"WEB","url":"http://osvdb.org/100364"}],"schema_version":"1.7.3"}