FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
ac256985-b6a9-11e6-a3bf-206a8a720317	subversion -- Unrestricted XML entity expansion in mod_dontdothat and Subversionclients using http(s) The Apache Software Foundation reports: The mod_dontdothat module of subversion and subversion clients using http(s):// are vulnerable to a denial-of-service attack, caused by exponential XML entity expansion. The attack targets XML parsers causing targeted process to consume excessive amounts of resources. The attack is also known as the "billions of laughs attack." Discovery 2016-11-29 Entry 2016-11-29 subversion18 < 1.8.17 subversion < 1.9.5 http://subversion.apache.org/security/CVE-2016-8734-advisory.txt CVE-2016-8734

VuXML ID

Description

ac256985-b6a9-11e6-a3bf-206a8a720317

subversion -- Unrestricted XML entity expansion in mod_dontdothat and Subversionclients using http(s)

The Apache Software Foundation reports:

The mod_dontdothat module of subversion and subversion clients using http(s):// are vulnerable to a denial-of-service attack, caused by exponential XML entity expansion. The attack targets XML parsers causing targeted process to consume excessive amounts of resources. The attack is also known as the "billions of laughs attack."

Discovery 2016-11-29
Entry 2016-11-29
subversion18

< 1.8.17

subversion

< 1.9.5

http://subversion.apache.org/security/CVE-2016-8734-advisory.txt
CVE-2016-8734