CVE-2014-3522
EPSS 2.6%
Description
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
How to fix CVE-2014-3522
To remediate CVE-2014-3522, upgrade the affected package to a fixed version listed below.
- Debian/subversion: upgrade to 1.8.10-1 or later
Is CVE-2014-3522 being exploited?
Low — EPSS is 2.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.8.10-1