Published: 26/09/2019 Updated: 27/09/2019

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache subversion
apache subversion 1.12.0

Synopsis Moderate: subversion security update Type/Severity Security Advisory: Moderate Topic An update for subversion is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base sco ...

Synopsis Moderate: subversion:110 security update Type/Severity Security Advisory: Moderate Topic An update for the subversion:110 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring S ...

Several vulnerabilities were discovered in Subversion, a version control system The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-11782 Ace Olszowka reported that the Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer, leading to a ...

Subversion could be made to crash if it received specially crafted network traffic ...

Several security issues were fixed in subversion ...

In Apache Subversion versions up to and including 1910, 1104, 1120, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer This can lead to disruption for users of the server (CVE-2018-11782) ...

In Apache Subversion versions up to and including 1910, 1104, 1120, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer This can lead to disruption for users of the server(CVE-2018-11782) In Apache Subversion versions up to and including 1910, 1104, 1120, Subversion's svnserv ...

Subversion svn:// connections, including svn+ssh:// and svn+<custom>://, use a custom network protocol [1] with Lisp-like syntax The code implementing the protocol has dedicated codepaths for serialization of revision numbers into protocol integers A particular client query could cause the server to attempt to reply with a revision number ...

Critical Infrastructure Sectors: Critical Manufacturing, Energy, Food and Agriculture

CWE-20 http://subversion.apache.org/security/CVE-2018-11782-advisory.txt https://access.redhat.com/errata/RHSA-2020:3972 https://nvd.nist.gov https://usn.ubuntu.com/4082-2/https://www.cisa.gov/uscert/ics/advisories/icsa-22-123-01 https://www.debian.org/security/2019/dsa-4490

CVE-2018-11782

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect