CVE-2014-2055: XEE issue that could expose local files or easily trigger a DOS attack.

June 4, 2014

SabreDAV allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

References

github.com/fruux/sabre-dav/releases/tag/1.7.11

Detect and mitigate CVE-2014-2055 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →