{"containers": {"cna": {"affected": [{"product": "Apache Subversion", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "Apache Subversion 1.11.0, 1.10.0 to 1.10.3"}]}], "datePublic": "2019-01-23T00:00:00", "descriptions": [{"lang": "en", "value": "Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation."}], "problemTypes": [{"descriptions": [{"description": "Access of Uninitialized Pointer", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-04-02T06:06:04", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "USN-3869-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3869-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003%40%3Cdev.subversion.apache.org%3E"}, {"name": "106770", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/106770"}, {"name": "GLSA-201904-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201904-08"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2019-01-23T00:00:00", "ID": "CVE-2018-11803", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Subversion", "version": {"version_data": [{"version_value": "Apache Subversion 1.11.0, 1.10.0 to 1.10.3"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Access of Uninitialized Pointer"}]}]}, "references": {"reference_data": [{"name": "USN-3869-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3869-1/"}, {"name": "https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003@%3Cdev.subversion.apache.org%3E", "refsource": "CONFIRM", "url": "https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003@%3Cdev.subversion.apache.org%3E"}, {"name": "106770", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106770"}, {"name": "GLSA-201904-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-08"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T08:17:09.237Z"}, "title": "CVE Program Container", "references": [{"name": "USN-3869-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3869-1/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003%40%3Cdev.subversion.apache.org%3E"}, {"name": "106770", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/106770"}, {"name": "GLSA-201904-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201904-08"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2018-11803", "datePublished": "2019-02-05T17:00:00Z", "dateReserved": "2018-06-05T00:00:00", "dateUpdated": "2024-09-17T01:56:52.279Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E3DE44D-BE33-4BF4-A0AE-FD17611252C6", "versionEndIncluding": "1.10.3", "versionStartIncluding": "1.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "04E166FE-E69F-43A0-B5F2-C704411C115F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation."}, {"lang": "es", "value": "El m\u00f3dulo Apache HTTPD \"mod_dav_svn\" de Subversion, en versiones 1.10.0 y desde la 1.10.3 hasta la 1.11.0, se cerrar\u00e1 de manera inesperada despu\u00e9s de desreferenciar un puntero no inicializado si el cliente omite la ruta \"root\" en una operaci\u00f3n de listado de un directorio recursivo."}], "id": "CVE-2018-11803", "lastModified": "2024-11-21T03:44:03.960", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-02-05T17:29:00.327", "references": [{"source": "security@apache.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106770"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003%40%3Cdev.subversion.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201904-08"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3869-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106770"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/fa71074862373c142d264534385f8ea5d8d6b80d27f36f3c46f55003%40%3Cdev.subversion.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201904-08"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3869-1/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-824"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "subversion: malicious SVN clients can crash mod_dav_svn", "id": "1668807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668807"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-476", "details": ["Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation."], "name": "CVE-2018-11803", "package_state": [{"cpe": "cpe:/a:redhat:ansible_tower:3", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Ansible Tower 3"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2019-01-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-11803\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-11803"], "statement": "This issue did not affect the versions of subversion as shipped with Red Hat Enterprise Linux 5, 6, and 7.\nThis issue does not affect any Ansible Tower supported versions: 3.2, 3.3 or 3.4, as their system jobs don't use mod_dav_svn module.", "threat_severity": "Moderate", "upstream_fix": "subversion 1.10.4, subversion 1.11.1"}