CVE-2016-8734
Description
Apache Subversions mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
12.879
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Advanced version control system (USN-3388-1) libsvn1_1.8.8-1ubuntu3.3_i386.deb | Linux |
| Advanced version control system (USN-3388-1) libsvn1_1.8.8-1ubuntu3.3_amd64.deb | Linux |
| Advanced version control system (USN-3388-1) libsvn1_1.9.3-2ubuntu1.1_i386.deb | Linux |
| Advanced version control system (USN-3388-1) libsvn1_1.9.3-2ubuntu1.1_amd64.deb | Linux |
| Advanced version control system (USN-3388-1) libsvn1_1.9.5-1ubuntu1.1_i386.deb | Linux |
| Advanced version control system (USN-3388-1) libsvn1_1.9.5-1ubuntu1.1_amd64.deb | Linux |
| Advanced version control system (USN-3388-1) subversion_1.8.8-1ubuntu3.3_i386.deb | Linux |
| Advanced version control system (USN-3388-1) subversion_1.8.8-1ubuntu3.3_amd64.deb | Linux |
| Advanced version control system (USN-3388-1) subversion_1.9.3-2ubuntu1.1_i386.deb | Linux |
| Advanced version control system (USN-3388-1) subversion_1.9.3-2ubuntu1.1_amd64.deb | Linux |
| Advanced version control system (USN-3388-1) subversion_1.9.5-1ubuntu1.1_i386.deb | Linux |
| Advanced version control system (USN-3388-1) subversion_1.9.5-1ubuntu1.1_amd64.deb | Linux |
| Advanced version control system (USN-3388-1) libapache2-svn_1.8.8-1ubuntu3.3_all.deb | Linux |
| Advanced version control system (USN-3388-1) libapache2-svn_1.9.3-2ubuntu1.1_all.deb | Linux |
| Advanced version control system (USN-3388-1) libapache2-mod-svn_1.8.8-1ubuntu3.3_i386.deb | Linux |
| Advanced version control system (USN-3388-1) libapache2-mod-svn_1.8.8-1ubuntu3.3_amd64.deb | Linux |
| Advanced version control system (USN-3388-1) libapache2-mod-svn_1.9.3-2ubuntu1.1_i386.deb | Linux |
| Advanced version control system (USN-3388-1) libapache2-mod-svn_1.9.3-2ubuntu1.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234