{"url":"http://public2.vulnerablecode.io/api/packages/561557?format=json","purl":"pkg:composer/sabre/dav@1.7.8","type":"composer","namespace":"sabre","name":"dav","version":"1.7.8","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.7.11","latest_non_vulnerable_version":"1.8.9","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203318?format=json","vulnerability_id":"VCID-dm4y-89gf-aqg6","summary":"SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2055","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67941","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2055"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2055"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/sabre/dav/CVE-2014-2055.yaml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/sabre/dav/CVE-2014-2055.yaml"},{"reference_url":"https://github.com/fruux/sabre-dav/releases/tag/1.7.11","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/fruux/sabre-dav/releases/tag/1.7.11"},{"reference_url":"https://github.com/sabre-io/dav/commit/e3f46e0ecf83cf1d2ebf54908cde7b5ec170aa2c","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sabre-io/dav/commit/e3f46e0ecf83cf1d2ebf54908cde7b5ec170aa2c"},{"reference_url":"https://github.com/sabre-io/dav/issues/414","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sabre-io/dav/issues/414"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2055","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2055"},{"reference_url":"https://github.com/advisories/GHSA-qm4x-ch5w-gr62","reference_id":"GHSA-qm4x-ch5w-gr62","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qm4x-ch5w-gr62"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386039?format=json","purl":"pkg:composer/sabre/dav@1.7.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/sabre/dav@1.7.11"},{"url":"http://public2.vulnerablecode.io/api/packages/386040?format=json","purl":"pkg:composer/sabre/dav@1.8.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/sabre/dav@1.8.9"}],"aliases":["CVE-2014-2055","GHSA-qm4x-ch5w-gr62"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dm4y-89gf-aqg6"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/sabre/dav@1.7.8"}