N/A Published on 2014-08-19

CVE-2014-3522

The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Affected mobile apps

Xcode

com.apple.dt.Xcode

1 open

Vulnerable CPE configurations

Vendor	Product	Platform	Versions	CPE 2.3 URI
apple	xcode	Android	—	cpe:2.3:a:apple:xcode:6.1.1:::::::*

View on NVD ↗