CVEs-PoC/2020/CVE-2020-17525.md

### [CVE-2020-17525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17525)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20Subversion&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=mod_authz_svn%3C%201.14.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%20NULL%20Pointer%20Dereference&color=brighgreen)

### Description

Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon