Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Good to know:
Date: October 12, 2017
Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.
Weakness Type (CWE)
Uncontrolled Resource Consumption ('Resource Exhaustion')CWE-400
Upgrade to version 1.8.17,1.9.5
|Attack Vector (AV):||NETWORK|
|Attack Complexity (AC):||LOW|
|Privileges Required (PR):||LOW|
|User Interaction (UI):||NONE|
|Access Vector (AV):||NETWORK|
|Access Complexity (AC):||LOW|