PT-2014-8411 · Apache+5 · Apache Subversion+5

Published

2014-12-17

Updated

2024-06-15

CVE-2014-8108

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Apache Subversion versions 1.7.x through 1.7.18 Apache Subversion versions 1.8.x through 1.8.10

Description The issue allows remote attackers to cause a denial of service, resulting in a crash due to a NULL pointer dereference. This occurs when a request is made for a URI that triggers a lookup for a virtual transaction name that does not exist.

Recommendations For Apache Subversion versions 1.7.x through 1.7.18, update to version 1.7.19 or later. For Apache Subversion versions 1.8.x through 1.8.10, update to version 1.8.11 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2015-1708

CESA-2015_0166

CVE-2014-8108

MGASA-2014-0545

OPENSUSE-SU-2024:10538-1

RHSA-2015:0166

RHSA-2015_0166

SUSE-SU-2015:0709-1

SUSE-SU-2017:2200-1

USN-2721-1

Affected Products

Alt Linux

Apache Subversion

Centos

Red Hat

Suse

Ubuntu

PT-2014-8411 · Apache+5 · Apache Subversion+5

CVE-2014-8108

Related Identifiers

Affected Products

References · 123