CVE-2018-11803

Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.11.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

History

07 Nov 2023, 02:51

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003@%3Cdev.subversion.apache.org%3E', 'name': 'https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003@%3Cdev.subversion.apache.org%3E', 'tags': ['Mailing List', 'Patch', 'Vendor Advisory'], 'refsource': 'CONFIRM'}
  • () https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003%40%3Cdev.subversion.apache.org%3E -

03 Mar 2023, 21:00

Type Values Removed Values Added
References (GENTOO) https://security.gentoo.org/glsa/201904-08 - (GENTOO) https://security.gentoo.org/glsa/201904-08 - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/106770 - Third Party Advisory, VDB Entry (BID) http://www.securityfocus.com/bid/106770 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2019-02-05 17:29

Updated : 2023-12-10 12:44


NVD link : CVE-2018-11803

Mitre link : CVE-2018-11803

CVE.ORG link : CVE-2018-11803


JSON object : View

Products Affected

apache

  • subversion

canonical

  • ubuntu_linux
CWE
CWE-824

Access of Uninitialized Pointer