Lucene search
HistorySep 23, 2014 - 8:55 p.m.
CVE-2014-3090
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
IBM Rational ClearCase 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
Affected configurations
Node
ibmrational_clearcaseMatch7.1
ORibmrational_clearcaseMatch7.1.0.1
ORibmrational_clearcaseMatch7.1.0.2
ORibmrational_clearcaseMatch7.1.1
ORibmrational_clearcaseMatch7.1.1.1
ORibmrational_clearcaseMatch7.1.1.2
ORibmrational_clearcaseMatch7.1.1.3
ORibmrational_clearcaseMatch7.1.1.4
ORibmrational_clearcaseMatch7.1.1.5
ORibmrational_clearcaseMatch7.1.1.6
ORibmrational_clearcaseMatch7.1.1.7
ORibmrational_clearcaseMatch7.1.1.8
ORibmrational_clearcaseMatch7.1.1.9
ORibmrational_clearcaseMatch7.1.2
ORibmrational_clearcaseMatch7.1.2.1
ORibmrational_clearcaseMatch7.1.2.2
ORibmrational_clearcaseMatch7.1.2.3
ORibmrational_clearcaseMatch7.1.2.4
ORibmrational_clearcaseMatch7.1.2.5
ORibmrational_clearcaseMatch7.1.2.6
ORibmrational_clearcaseMatch7.1.2.7
ORibmrational_clearcaseMatch7.1.2.9
ORibmrational_clearcaseMatch7.1.2.10
ORibmrational_clearcaseMatch7.1.2.11
ORibmrational_clearcaseMatch7.1.2.12
ORibmrational_clearcaseMatch7.1.2.13
ORibmrational_clearcaseMatch7.1.2.14
ORibmrational_clearcaseMatch8.0
ORibmrational_clearcaseMatch8.0.0
ORibmrational_clearcaseMatch8.0.0.1
ORibmrational_clearcaseMatch8.0.0.2
ORibmrational_clearcaseMatch8.0.0.3
ORibmrational_clearcaseMatch8.0.0.4
ORibmrational_clearcaseMatch8.0.0.5
ORibmrational_clearcaseMatch8.0.0.6
ORibmrational_clearcaseMatch8.0.0.7
ORibmrational_clearcaseMatch8.0.0.8
ORibmrational_clearcaseMatch8.0.0.9
ORibmrational_clearcaseMatch8.0.0.10
ORibmrational_clearcaseMatch8.0.0.11
ORibmrational_clearcaseMatch8.0.1
ORibmrational_clearcaseMatch8.0.1.1
ORibmrational_clearcaseMatch8.0.1.2
ORibmrational_clearcaseMatch8.0.1.3
ORibmrational_clearcaseMatch8.0.1.4
Related
cve
cve
prion
prion
Code injection
2014-09-23 20:55:00
Code injection
2014-11-05 11:55:00
Design/Logic Flaw
2021-06-28 13:15:00
cvelist
cvelist
nvd
nvd
ubuntucve
ubuntucve
ibm
ibm
centos
centos
libxml2 security update
2008-09-12 01:23:56
openvas
openvas
Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2020-1299)
2020-03-23 00:00:00
RedHat Update for libxml2 RHSA-2008:0886-01
2009-03-06 00:00:00
Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2020-1669)
2020-06-16 00:00:00
redhatcve
redhatcve
CVE-2017-18640
2020-04-08 21:02:33
osv
osv
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
CVE-2017-18640
2019-12-12 03:15:10
github
github
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
nessus
nessus
EulerOS 2.0 SP3 : qt (EulerOS-SA-2020-1431)
2020-04-15 00:00:00
EulerOS 2.0 SP5 : qt (EulerOS-SA-2020-1323)
2020-03-23 00:00:00
SUSE SLED15 / SLES15 Security Update : snakeyaml (SUSE-SU-2021:1876-1)
2021-06-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:53:01
debiancve
debiancve
freebsd
freebsd
ejabberd -- remote denial of service vulnerability
2011-04-27 00:00:00
redhat
redhat
(RHSA-2008:0886) Important: libxml2 security update
2008-09-11 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:221 ] libneon0.27
2009-08-25 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
Related for NVD:CVE-2014-3090