vulnerability
Oracle Linux: CVE-2019-0203: ELSA-2019-2512: subversion:1.10 security update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jul 31, 2019 | Jul 21, 2020 | Dec 3, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jul 31, 2019
Added
Jul 21, 2020
Modified
Dec 3, 2025
Description
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
A flaw was found in subversion. A remote, unauthenticated user can cause a null-pointer-dereference in svnserve by sending a certain sequences of protocol commands to the server. This results in a denial of service in some server configurations, specifically when anonymous access is enabled. The highest threat from this vulnerability is to system availability.
A flaw was found in subversion. A remote, unauthenticated user can cause a null-pointer-dereference in svnserve by sending a certain sequences of protocol commands to the server. This results in a denial of service in some server configurations, specifically when anonymous access is enabled. The highest threat from this vulnerability is to system availability.
Solutions
oracle-linux-upgrade-libserforacle-linux-upgrade-mod-dav-svnoracle-linux-upgrade-subversionoracle-linux-upgrade-subversion-develoracle-linux-upgrade-subversion-gnomeoracle-linux-upgrade-subversion-javahloracle-linux-upgrade-subversion-libsoracle-linux-upgrade-subversion-perloracle-linux-upgrade-subversion-toolsoracle-linux-upgrade-utf8proc
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.