VDB

GCVE-VVD-MAGEIA-2014-549

GCVE-VVD-MAGEIA-2014-549
Advisory Published
Vulnetix · Advisory published December 26, 2014
Updated axis packages fixes security vulnerability: It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate (CVE-2014-3596).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaaxis0 (affected), 1.4-24.1.mga4 (unaffected)

References

Updated axis packages fix CVE-2014-3596
advisory
Updated axis packages fix CVE-2014-3596
issue
Updated axis packages fix CVE-2014-3596
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›