CVE-2014-8567
EPSS 3.6%
Description
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.
How to fix CVE-2014-8567
To remediate CVE-2014-8567, upgrade the affected package to a fixed version below.
- Debian/libapache2-mod-auth-mellon—upgrade to 0.9.0 or later
Is CVE-2014-8567 being exploited?
Low — EPSS is 3.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.9.0