CVE-2014-8566
EPSS 0.94%
Description
The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory."
How to fix CVE-2014-8566
To remediate CVE-2014-8566, upgrade the affected package to a fixed version below.
- Debian/libapache2-mod-auth-mellon—upgrade to 0.9.1 or later
Is CVE-2014-8566 being exploited?
Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.9.1