Improper Wildcard Handling in Apache Subversion by Apache Software Foundation
CVE-2014-3522

Currently unrated

Key Information:

Vendor

Apache
Status
Subversion
Vendor
CVE Published:
19 August 2014

What is CVE-2014-3522?

The Serf RA layer in Apache Subversion versions 1.4.0 to 1.7.x before 1.7.18 and 1.8.x before 1.8.10 is susceptible to improper handling of wildcards in the Common Name (CN) or subjectAltName field of X.509 certificates, creating a risk of man-in-the-middle attacks. This vulnerability permits unauthorized actors to forge crafted certificates, allowing them to masquerade as legitimate servers, potentially compromising sensitive data exchanged between clients and servers.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/59432
third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-2316-1
vendor-advisoryx_refsource_UBUNTU
https://support.apple.com/HT204427
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.