PT-2019-1346 · Apache+2 · Apache Subversion+2
Ivan Zhakov · Published 2019-01-18 · Updated 2024-06-15 · CVE-2018-11803
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Apache Subversion mod_dav_svn module versions 1.10.0 through 1.10.3
Apache Subversion mod_dav_svn module version 1.11.0
Description
The issue is a pointer dereference error in the mod_dav_svn module of Apache Subversion that a remote attacker can exploit to cause a denial of service. When a client omits the root path in a recursive directory listing operation, the module dereferences an uninitialized pointer and crashes.
Recommendations
For versions 1.10.0 through 1.10.3, update to a version that fixes the pointer dereference error to prevent denial of service attacks.
For version 1.11.0, update to a version that fixes the pointer dereference error to prevent denial of service attacks.
As a temporary workaround, consider restricting access to the recursive directory listing operation to minimize the risk of exploitation.
Fix
NULL Pointer Dereference
Access of Uninitialized Pointer
Related Identifiers
Affected Products
Apache Subversion
Suse
Ubuntu