Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-8108 (GCVE-0-2014-8108)
Vulnerability from cvelistv5 – Published: 2014-12-18 15:00 – Updated: 2024-08-06 13:10
VLAI?
EPSS
Summary
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"name": "RHSA-2015:0166",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT204427"
},
{
"name": "71725",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71725"
},
{
"name": "APPLE-SA-2015-03-09-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "61131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61131"
},
{
"name": "USN-2721-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2721-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"name": "RHSA-2015:0166",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT204427"
},
{
"name": "71725",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71725"
},
{
"name": "APPLE-SA-2015-03-09-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "61131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61131"
},
{
"name": "USN-2721-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2721-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt",
"refsource": "CONFIRM",
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"name": "RHSA-2015:0166",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"name": "https://support.apple.com/HT204427",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204427"
},
{
"name": "71725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71725"
},
{
"name": "APPLE-SA-2015-03-09-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "61131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61131"
},
{
"name": "USN-2721-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2721-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-8108",
"datePublished": "2014-12-18T15:00:00.000Z",
"dateReserved": "2014-10-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:10:50.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2014-8108
Vulnerability from fkie_nvd - Published: 2014-12-18 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D75936BB-5BE4-4B8C-B2A0-2BE13B713AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFCE3B89-46A6-4D1F-AFB3-FCB6C3B66245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DFB08D-01C2-4D95-8EB2-81F5C27AC656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A3625A8E-A326-4DCE-9CFB-B0E38FC54B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "106C86D0-84D9-4F44-821F-FD0D49EB32E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "156DD5C1-C2C3-4AD7-B432-79CC3EC32B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "75551DEC-A2BE-453D-9ABA-B3041A2607C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5A2F0A-E06E-40C6-98C1-4343AA9C2EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC70E13-59B6-4A75-9AF0-D38CCAB2D117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8316A374-3E3E-4FBA-AB57-9244812C8E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB42901-B207-4B41-B09C-91153A19C7D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DA7ADC-6A81-4250-B6E1-4E4425156941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "83D766B5-5F07-44F1-A488-127D18510989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8479EC-930C-47DB-9A02-E7B2F9101E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D47331-B23A-4A6E-8F14-74628F0E1846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E2C35C-FEBA-4525-8A38-9C170B34FA07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A098CEF5-04BE-48C0-8414-AFC9D03771E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C39739A0-8C23-4167-B63D-1000F9D3B684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD13E19-4B9C-4DBD-9339-7BFE5377689F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35C2CFEF-2F6D-4F9A-9DDF-4CC6448BADC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04C072-7D90-428F-A226-BAD0105D22B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "856959BA-9945-4AA8-95D3-B3752C0D895D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13109084-931E-4565-BEE5-794B83E6978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "726B9C10-ACD5-41C2-A552-FD0046A75966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87D72A75-EDB9-4AD1-B6FC-8A918804DE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B55A7A26-C994-4956-BBE7-BF3A51971295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9E26AB-915A-477F-BA5C-10965A7098F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD49A9B-16A7-4362-8D62-6EB5ECBE4296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0CB798-F4ED-44E5-9B15-B7009EAC6303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "67130DAF-AE81-43D2-A208-58A53746A7E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "90631FFA-9AB2-483D-B162-31A47428D280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "341F900B-5179-4CB4-9F41-91B58B29C414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F34F463-6350-4F48-B037-856DDBB1A4FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C813BA-B8F9-446B-A07F-B51F26815578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF4080D-0D95-429E-88AA-1051A5520C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF50F098-A055-4B79-AC35-6BD6F32D70F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "540461D4-87F4-42AB-ADDC-C7A067FE2893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E676744-C623-4894-8764-43588E56D2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "669735D1-1C14-4CD7-AA7C-AD2CA63A1979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F71F24-D909-49D9-8B4F-FA757FDF1C25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "034D1C36-B73E-443E-A6B4-44CC6E7BC043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D373245-8384-45E4-BE2E-E0518BD7F84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EED44413-D313-4588-9A4B-25F79D0925A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C193EB08-BBC2-43A2-B11A-9C7E2098862D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "022A5BCE-A1DC-48E2-829D-AD9261562095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "155F83A1-A04A-48C0-A801-B38F129F310F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "27A15D05-29BA-4CCC-9348-A516E1E2C079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "2004B474-9869-445D-957D-20EF254FB461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8F91A5E0-0DD8-47DD-B52E-A15E8064945F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "3194C6CE-3E8A-4861-AED1-942824974AE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D102460-B5D5-46C4-8021-7C3510A5FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92265E60-7BBF-4E8E-A438-4132D8FD57BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "346DE008-472F-47E1-8B96-F968C7D0A003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9BDB22-29E0-48A3-8765-FAC6A3442A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F63AB9E5-FD99-40A8-B24F-623BDDBCA427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B873C1-E7D6-4E55-A5A7-85000B686071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "87D2E8DD-4225-476A-AF17-7621C9A28391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "40D913E2-0FBD-4F6C-8A21-43A0681237BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4B869CEB-7637-48C3-8A4C-171CFB766B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "75CF5BC1-7071-48A3-86A9-C843485CAED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*",
"matchCriteriaId": "200DB058-C9F0-4983-AF99-EBB8FC2E7875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*",
"matchCriteriaId": "57697AAD-5264-4C05-89E4-0228DEF2E9DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*",
"matchCriteriaId": "24295270-DCBF-4FF3-88F7-E9A30B6388E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*",
"matchCriteriaId": "22E754F2-5D3D-437E-BB15-693D2EB58DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4232D2-1F70-4A06-BD11-A0DFE6CE0744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A3256F8C-2CA8-43B5-96E5-794113FF531B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.7.19:*:*:*:*:*:*:*",
"matchCriteriaId": "593F15F7-E610-458B-B094-BF6AC53B719A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0E7811-3B60-46E7-943C-E0E7ED00FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D26799-D038-470A-A468-58DBDB64A7E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3769BD6-B104-4F74-B8C4-89398A8894FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9757DD5E-42A6-44B8-9692-49690F60C8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B5A014-D4EE-4244-AABA-0873492F7295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9F8C2A-A94E-4D99-839B-47AAE8754191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69D29A9E-DB23-4D86-B4A3-3C4F663416AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D86AEE89-9F8E-43A5-A888-F421B10DB2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EF7D71-3AAF-4112-831A-3538C5B82594",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81EE9433-C21F-4902-B37E-CF4FC1132B72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist."
},
{
"lang": "es",
"value": "El m\u00f3dulo mod_dav del servidor Apache HTTPD en Apache Subversion 1.7.x anterior a 1.7.19 y 1.8.x anterior a 1.8.11 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda) a trav\u00e9s de una petici\u00f3n a una URI que dispara una b\u00fasqueda para un nombre de transacci\u00f3n virtual que no existe."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2014-8108",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-18T15:59:01.350",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/61131"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/71725"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2721-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2721-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204427"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2014-8108
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-8108",
"description": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.",
"id": "GSD-2014-8108",
"references": [
"https://www.suse.com/security/cve/CVE-2014-8108.html",
"https://access.redhat.com/errata/RHSA-2015:0166",
"https://ubuntu.com/security/CVE-2014-8108",
"https://advisories.mageia.org/CVE-2014-8108.html",
"https://alas.aws.amazon.com/cve/html/CVE-2014-8108.html",
"https://linux.oracle.com/cve/CVE-2014-8108.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-8108"
],
"details": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.",
"id": "GSD-2014-8108",
"modified": "2023-12-13T01:22:49.465712Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt",
"refsource": "CONFIRM",
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"name": "RHSA-2015:0166",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"name": "https://support.apple.com/HT204427",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204427"
},
{
"name": "71725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71725"
},
{
"name": "APPLE-SA-2015-03-09-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "61131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61131"
},
{
"name": "USN-2721-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2721-1"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8108"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"name": "61131",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/61131"
},
{
"name": "APPLE-SA-2015-03-09-4",
"refsource": "APPLE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"name": "https://support.apple.com/HT204427",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204427"
},
{
"name": "RHSA-2015:0166",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"name": "USN-2721-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2721-1"
},
{
"name": "71725",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/71725"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-01-03T02:59Z",
"publishedDate": "2014-12-18T15:59Z"
}
}
}
GHSA-VW28-XRGP-7GQJ
Vulnerability from github – Published: 2022-05-17 03:11 – Updated: 2022-05-17 03:11
VLAI?
Details
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
{
"affected": [],
"aliases": [
"CVE-2014-8108"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-12-18T15:59:00Z",
"severity": "MODERATE"
},
"details": "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.",
"id": "GHSA-vw28-xrgp-7gqj",
"modified": "2022-05-17T03:11:04Z",
"published": "2022-05-17T03:11:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8108"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT204427"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0166.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/61131"
},
{
"type": "WEB",
"url": "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/71725"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2721-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
CERTFR-2015-AVI-092
Vulnerability from certfr_avis - Published: 2015-03-10 - Updated: 2015-03-10
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OS X Mavericks",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple TV",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Moutain Lion",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Yosemite",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS 8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-8108",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8108"
},
{
"name": "CVE-2015-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1064"
},
{
"name": "CVE-2014-3580",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3580"
},
{
"name": "CVE-2015-1066",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1066"
},
{
"name": "CVE-2015-1062",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1062"
},
{
"name": "CVE-2015-1063",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1063"
},
{
"name": "CVE-2014-3522",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3522"
},
{
"name": "CVE-2014-3528",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3528"
},
{
"name": "CVE-2014-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9390"
},
{
"name": "CVE-2015-1067",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1067"
},
{
"name": "CVE-2015-1065",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1065"
},
{
"name": "CVE-2014-4496",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4496"
},
{
"name": "CVE-2015-1061",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1061"
}
],
"initial_release_date": "2015-03-10T00:00:00",
"last_revision_date": "2015-03-10T00:00:00",
"links": [],
"reference": "CERTFR-2015-AVI-092",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT204426 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204426"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT204427 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204427"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple 2015-002 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204413"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT204423 du 09 mars 2015",
"url": "https://support.apple.com/en-us/HT204423"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…