Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-az8z-jtp2-tyhj

Summary

A parsing flaw related to functions and environments in Bash could
    allow attackers to inject code. The unaffected packages listed in GLSA
    201409-09 had an incomplete fix.

Aliases

alias	CVE-2014-7169

Fixed_packages

url pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

purl pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3

url	pkg:deb/debian/bash@4.3-9.2?distro=trixie
purl	pkg:deb/debian/bash@4.3-9.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-9.2%3Fdistro=trixie

url pkg:deb/debian/bash@4.3-11

purl pkg:deb/debian/bash@4.3-11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-up13-8aex-7qfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-11

url pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rc3z-84wf-pygu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.1-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/bash@5.2.15-2?distro=trixie
purl	pkg:deb/debian/bash@5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.15-2%3Fdistro=trixie

url	pkg:deb/debian/bash@5.2.37-2?distro=trixie
purl	pkg:deb/debian/bash@5.2.37-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.37-2%3Fdistro=trixie

url	pkg:deb/debian/bash@5.3-2?distro=trixie
purl	pkg:deb/debian/bash@5.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.3-2%3Fdistro=trixie

url	pkg:ebuild/app-shells/bash@4.2_p48-r1
purl	pkg:ebuild/app-shells/bash@4.2_p48-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/bash@4.2_p48-r1

Affected_packages

url pkg:deb/debian/bash@2.01.1-4

purl pkg:deb/debian/bash@2.01.1-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4

url pkg:deb/debian/bash@2.01.1-4.1

purl pkg:deb/debian/bash@2.01.1-4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4.1

url pkg:deb/debian/bash@2.03-6

purl pkg:deb/debian/bash@2.03-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.03-6

url pkg:deb/debian/bash@2.05a-11

purl pkg:deb/debian/bash@2.05a-11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05a-11

url pkg:deb/debian/bash@2.05b-2-26

purl pkg:deb/debian/bash@2.05b-2-26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05b-2-26

url pkg:deb/debian/bash@3.1dfsg-8

purl pkg:deb/debian/bash@3.1dfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.1dfsg-8

url pkg:deb/debian/bash@3.2-4

purl pkg:deb/debian/bash@3.2-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.2-4

url pkg:deb/debian/bash@4.1-3

purl pkg:deb/debian/bash@4.1-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3

url pkg:deb/debian/bash@4.1-3%2Bdeb6u2

purl pkg:deb/debian/bash@4.1-3%2Bdeb6u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3%252Bdeb6u2

url pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

purl pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3

url pkg:rpm/redhat/bash@3.0-27.el4?arch=4

purl pkg:rpm/redhat/bash@3.0-27.el4?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.0-27.el4%3Farch=4

url pkg:rpm/redhat/bash@3.2-24.el5_6?arch=2

purl pkg:rpm/redhat/bash@3.2-24.el5_6?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-24.el5_6%3Farch=2

url pkg:rpm/redhat/bash@3.2-32.el5_9?arch=3

purl pkg:rpm/redhat/bash@3.2-32.el5_9?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-32.el5_9%3Farch=3

url pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis?arch=1

purl pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis%3Farch=1

url pkg:rpm/redhat/bash@3.2-33.el5_11?arch=4

purl pkg:rpm/redhat/bash@3.2-33.el5_11?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-33.el5_11%3Farch=4

url pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis?arch=2

purl pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis%3Farch=2

url pkg:rpm/redhat/bash@4.1.2-9.el6_2?arch=2

purl pkg:rpm/redhat/bash@4.1.2-9.el6_2?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-9.el6_2%3Farch=2

url pkg:rpm/redhat/bash@4.1.2-15.el6_4?arch=2

purl pkg:rpm/redhat/bash@4.1.2-15.el6_4?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_4%3Farch=2

url pkg:rpm/redhat/bash@4.1.2-15.el6_5?arch=2

purl pkg:rpm/redhat/bash@4.1.2-15.el6_5?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_5%3Farch=2

url pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis?arch=2

purl pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis%3Farch=2

url pkg:rpm/redhat/bash@4.2.45-5.el7_0?arch=4

purl pkg:rpm/redhat/bash@4.2.45-5.el7_0?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.2.45-5.el7_0%3Farch=4

url pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1?arch=el6ev

purl pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1?arch=el6ev

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-qdev-8m9n-8bbr

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1%3Farch=el6ev

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7169.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7169.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-7169

reference_id

reference_type

scores

value	0.90108
scoring_system	epss
scoring_elements	0.99589
published_at	2026-04-18T12:55:00Z

value	0.90108
scoring_system	epss
scoring_elements	0.99583
published_at	2026-04-01T12:55:00Z

value	0.90108
scoring_system	epss
scoring_elements	0.99587
published_at	2026-04-13T12:55:00Z

value	0.90108
scoring_system	epss
scoring_elements	0.99588
published_at	2026-04-16T12:55:00Z

value	0.90108
scoring_system	epss
scoring_elements	0.99584
published_at	2026-04-02T12:55:00Z

value	0.90108
scoring_system	epss
scoring_elements	0.99586
published_at	2026-04-07T12:55:00Z

value	0.90108
scoring_system	epss
scoring_elements	0.99585
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-7169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1146319
reference_id	1146319
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1146319

reference_url

https://access.redhat.com/articles/1200223

reference_id

1200223

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

https://access.redhat.com/articles/1200223

reference_url

https://access.redhat.com/node/1200223

reference_id

1200223

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

https://access.redhat.com/node/1200223

reference_url

http://www.kb.cert.org/vuls/id/252743

reference_id

252743

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://www.kb.cert.org/vuls/id/252743

reference_url

http://www.openwall.com/lists/oss-security/2014/09/24/32

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://www.openwall.com/lists/oss-security/2014/09/24/32

reference_url

http://twitter.com/taviso/statuses/514887394294652929

reference_id

514887394294652929

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://twitter.com/taviso/statuses/514887394294652929

reference_url

http://secunia.com/advisories/59272

reference_id

59272

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/59272

reference_url

http://secunia.com/advisories/59737

reference_id

59737

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/59737

reference_url

http://secunia.com/advisories/60947

reference_id

60947

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/60947

reference_url

http://secunia.com/advisories/61619

reference_id

61619

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/61619

reference_url

http://secunia.com/advisories/61626

reference_id

61626

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/61626

reference_url

http://secunia.com/advisories/61676

reference_id

61676

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/61676

reference_url

http://secunia.com/advisories/61700

reference_id

61700

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/61700

reference_url

http://secunia.com/advisories/61715

reference_id

61715

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://secunia.com/advisories/61715

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762760
reference_id	762760
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762760

reference_url

http://support.novell.com/security/cve/CVE-2014-7169.html

reference_id

CVE-2014-7169.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://support.novell.com/security/cve/CVE-2014-7169.html

reference_url

http://www.debian.org/security/2014/dsa-3035

reference_id

dsa-3035

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://www.debian.org/security/2014/dsa-3035

reference_url

http://linux.oracle.com/errata/ELSA-2014-1306.html

reference_id

ELSA-2014-1306.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://linux.oracle.com/errata/ELSA-2014-1306.html

reference_url

http://linux.oracle.com/errata/ELSA-2014-3075.html

reference_id

ELSA-2014-3075.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://linux.oracle.com/errata/ELSA-2014-3075.html

reference_url

http://linux.oracle.com/errata/ELSA-2014-3077.html

reference_id

ELSA-2014-3077.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://linux.oracle.com/errata/ELSA-2014-3077.html

reference_url

http://linux.oracle.com/errata/ELSA-2014-3078.html

reference_id

ELSA-2014-3078.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://linux.oracle.com/errata/ELSA-2014-3078.html

reference_url	https://security.gentoo.org/glsa/201409-10
reference_id	GLSA-201409-10
reference_type
scores
url	https://security.gentoo.org/glsa/201409-10

reference_url

http://support.apple.com/kb/HT6495

reference_id

HT6495

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://support.apple.com/kb/HT6495

reference_url

http://marc.info/?l=bugtraq&m=141216207813411&w=2

reference_id

?l=bugtraq&m=141216207813411&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://marc.info/?l=bugtraq&m=141216207813411&w=2

reference_url

http://marc.info/?l=bugtraq&m=141216668515282&w=2

reference_id

?l=bugtraq&m=141216668515282&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://marc.info/?l=bugtraq&m=141216668515282&w=2

reference_url

http://marc.info/?l=bugtraq&m=141235957116749&w=2

reference_id

?l=bugtraq&m=141235957116749&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://marc.info/?l=bugtraq&m=141235957116749&w=2

reference_url

http://marc.info/?l=bugtraq&m=141319209015420&w=2

reference_id

?l=bugtraq&m=141319209015420&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://marc.info/?l=bugtraq&m=141319209015420&w=2

reference_url

http://marc.info/?l=bugtraq&m=141330425327438&w=2

reference_id

?l=bugtraq&m=141330425327438&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://marc.info/?l=bugtraq&m=141330425327438&w=2

reference_url

http://advisories.mageia.org/MGASA-2014-0393.html

reference_id

MGASA-2014-0393.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://advisories.mageia.org/MGASA-2014-0393.html

reference_url

http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html

reference_id

quick-notes-about-bash-bug-its-impact.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html

reference_url	https://access.redhat.com/errata/RHSA-2014:1306
reference_id	RHSA-2014:1306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1306

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1306.html

reference_id

RHSA-2014-1306.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://rhn.redhat.com/errata/RHSA-2014-1306.html

reference_url	https://access.redhat.com/errata/RHSA-2014:1311
reference_id	RHSA-2014:1311
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1311

reference_url	https://access.redhat.com/errata/RHSA-2014:1312
reference_id	RHSA-2014:1312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1312

reference_url	https://access.redhat.com/errata/RHSA-2014:1354
reference_id	RHSA-2014:1354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1354

reference_url	https://access.redhat.com/errata/RHSA-2014:1865
reference_id	RHSA-2014:1865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1865

reference_url

http://www.us-cert.gov/ncas/alerts/TA14-268A

reference_id

TA14-268A

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://www.us-cert.gov/ncas/alerts/TA14-268A

reference_url	https://usn.ubuntu.com/2363-1/
reference_id	USN-2363-1
reference_type
scores
url	https://usn.ubuntu.com/2363-1/

reference_url

http://www.ubuntu.com/usn/USN-2363-1

reference_id

USN-2363-1

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://www.ubuntu.com/usn/USN-2363-1

reference_url	https://usn.ubuntu.com/2363-2/
reference_id	USN-2363-2
reference_type
scores
url	https://usn.ubuntu.com/2363-2/

reference_url

http://www.ubuntu.com/usn/USN-2363-2

reference_id

USN-2363-2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:31:47Z/

url

http://www.ubuntu.com/usn/USN-2363-2

Weaknesses

cwe_id	228
name	Improper Handling of Syntactically Invalid Structure
description	The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.

Exploits

date_added	2022-01-28
description	GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.
required_action	Apply updates per vendor instructions.
due_date	2022-07-28
notes	https://nvd.nist.gov/vuln/detail/CVE-2014-7169
known_ransomware_campaign_use	`false`
source_date_published	`null`
exploit_type	`null`
platform	`null`
source_date_updated	`null`
data_source	KEV
source_url	`null`

date_added	2014-11-17
description	PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`false`
source_date_published	2014-11-03
exploit_type	webapps
platform	php
source_date_updated	2020-02-14
data_source	Exploit-DB
source_url

Severity_range_score 9.8 - 9.8

Exploitability 2.0

Weighted_severity 8.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-az8z-jtp2-tyhj

Vulnerability Instance