Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-ba3s-az62-fkdc

Summary security update

Aliases

alias	CVE-2014-6271

Fixed_packages

url pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

purl pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3

url	pkg:deb/debian/bash@4.3-9.1?distro=trixie
purl	pkg:deb/debian/bash@4.3-9.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-9.1%3Fdistro=trixie

url pkg:deb/debian/bash@4.3-11

purl pkg:deb/debian/bash@4.3-11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-up13-8aex-7qfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-11

url pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rc3z-84wf-pygu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.1-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/bash@5.2.15-2?distro=trixie
purl	pkg:deb/debian/bash@5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.15-2%3Fdistro=trixie

url	pkg:deb/debian/bash@5.2.37-2?distro=trixie
purl	pkg:deb/debian/bash@5.2.37-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.37-2%3Fdistro=trixie

url	pkg:deb/debian/bash@5.3-2?distro=trixie
purl	pkg:deb/debian/bash@5.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.3-2%3Fdistro=trixie

url	pkg:ebuild/app-shells/bash@4.2_p48
purl	pkg:ebuild/app-shells/bash@4.2_p48
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/bash@4.2_p48

Affected_packages

url pkg:deb/debian/bash@2.01.1-4

purl pkg:deb/debian/bash@2.01.1-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4

url pkg:deb/debian/bash@2.01.1-4.1

purl pkg:deb/debian/bash@2.01.1-4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4.1

url pkg:deb/debian/bash@2.03-6

purl pkg:deb/debian/bash@2.03-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.03-6

url pkg:deb/debian/bash@2.05a-11

purl pkg:deb/debian/bash@2.05a-11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05a-11

url pkg:deb/debian/bash@2.05b-2-26

purl pkg:deb/debian/bash@2.05b-2-26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05b-2-26

url pkg:deb/debian/bash@3.1dfsg-8

purl pkg:deb/debian/bash@3.1dfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.1dfsg-8

url pkg:deb/debian/bash@3.2-4

purl pkg:deb/debian/bash@3.2-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.2-4

url pkg:deb/debian/bash@4.1-3

purl pkg:deb/debian/bash@4.1-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3

url pkg:deb/debian/bash@4.1-3%2Bdeb6u2

purl pkg:deb/debian/bash@4.1-3%2Bdeb6u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3%252Bdeb6u2

url pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

purl pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3

url pkg:rpm/redhat/bash@3.0-27.el4?arch=2

purl pkg:rpm/redhat/bash@3.0-27.el4?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.0-27.el4%3Farch=2

url pkg:rpm/redhat/bash@3.2-24.el5_6?arch=1

purl pkg:rpm/redhat/bash@3.2-24.el5_6?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-24.el5_6%3Farch=1

url pkg:rpm/redhat/bash@3.2-32.el5_9?arch=2

purl pkg:rpm/redhat/bash@3.2-32.el5_9?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-32.el5_9%3Farch=2

url pkg:rpm/redhat/bash@3.2-33.el5?arch=1

purl pkg:rpm/redhat/bash@3.2-33.el5?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-33.el5%3Farch=1

url pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis?arch=1

purl pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis%3Farch=1

url pkg:rpm/redhat/bash@4.1.2-9.el6_2?arch=1

purl pkg:rpm/redhat/bash@4.1.2-9.el6_2?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-9.el6_2%3Farch=1

url pkg:rpm/redhat/bash@4.1.2-15.el6_4?arch=1

purl pkg:rpm/redhat/bash@4.1.2-15.el6_4?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_4%3Farch=1

url pkg:rpm/redhat/bash@4.1.2-15.el6_5?arch=1

purl pkg:rpm/redhat/bash@4.1.2-15.el6_5?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_5%3Farch=1

url pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis?arch=1

purl pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis%3Farch=1

url pkg:rpm/redhat/bash@4.2.45-5.el7_0?arch=2

purl pkg:rpm/redhat/bash@4.2.45-5.el7_0?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba3s-az62-fkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.2.45-5.el7_0%3Farch=2

url pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1?arch=el6ev

purl pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1?arch=el6ev

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-qdev-8m9n-8bbr

vulnerability	VCID-yje9-sb3a-kubp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1%3Farch=el6ev

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6271.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6271.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-6271

reference_id

reference_type

scores

value	0.9422
scoring_system	epss
scoring_elements	0.99925
published_at	2026-04-18T12:55:00Z

value	0.9422
scoring_system	epss
scoring_elements	0.99924
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-6271

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1141597

reference_id

1141597

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1141597

reference_url

https://access.redhat.com/articles/1200223

reference_id

1200223

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://access.redhat.com/articles/1200223

reference_url

https://access.redhat.com/node/1200223

reference_id

1200223

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://access.redhat.com/node/1200223

reference_url

http://www.kb.cert.org/vuls/id/252743

reference_id

252743

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://www.kb.cert.org/vuls/id/252743

reference_url

https://www.exploit-db.com/exploits/37816/

reference_id

37816

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://www.exploit-db.com/exploits/37816/

reference_url

https://www.exploit-db.com/exploits/38849/

reference_id

38849

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://www.exploit-db.com/exploits/38849/

reference_url

https://www.exploit-db.com/exploits/39918/

reference_id

39918

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://www.exploit-db.com/exploits/39918/

reference_url

https://www.exploit-db.com/exploits/40619/

reference_id

40619

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://www.exploit-db.com/exploits/40619/

reference_url

https://www.exploit-db.com/exploits/40938/

reference_id

40938

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://www.exploit-db.com/exploits/40938/

reference_url

https://www.exploit-db.com/exploits/42938/

reference_id

42938

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://www.exploit-db.com/exploits/42938/

reference_url

http://secunia.com/advisories/59272

reference_id

59272

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/59272

reference_url

http://secunia.com/advisories/59737

reference_id

59737

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/59737

reference_url

http://secunia.com/advisories/60947

reference_id

60947

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/60947

reference_url

http://secunia.com/advisories/61542

reference_id

61542

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/61542

reference_url

http://secunia.com/advisories/61547

reference_id

61547

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/61547

reference_url

http://secunia.com/advisories/61676

reference_id

61676

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/61676

reference_url

http://secunia.com/advisories/61700

reference_id

61700

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/61700

reference_url

http://secunia.com/advisories/61715

reference_id

61715

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://secunia.com/advisories/61715

reference_url

http://www.securityfocus.com/bid/70103

reference_id

70103

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://www.securityfocus.com/bid/70103

reference_url

http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html

reference_id

Apache-mod_cgi-Remote-Command-Execution.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html

reference_url

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

reference_id

bash-specially-crafted-environment-variables-code-injection-attack

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

reference_url	https://github.com/HackerFantastic/Public/blob/777a32d7277e778386e650632fdd9643f0d812ac/exploits/trendmicro_IWSVA_shellshock.py
reference_id	CVE-2014-6271
reference_type	exploit
scores
url	https://github.com/HackerFantastic/Public/blob/777a32d7277e778386e650632fdd9643f0d812ac/exploits/trendmicro_IWSVA_shellshock.py

reference_url	https://github.com/HackerFantastic/Public/blob/8f5283534c3868814afc66d9e72963eced49c27b/exploits/rsshellshock.py
reference_id	CVE-2014-6271
reference_type	exploit
scores
url	https://github.com/HackerFantastic/Public/blob/8f5283534c3868814afc66d9e72963eced49c27b/exploits/rsshellshock.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/39918.rb
reference_id	CVE-2014-6271
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/39918.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/40619.py
reference_id	CVE-2014-6271
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/40619.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40938.py
reference_id	CVE-2014-6271
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40938.py

reference_url

http://support.novell.com/security/cve/CVE-2014-6271.html

reference_id

CVE-2014-6271.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://support.novell.com/security/cve/CVE-2014-6271.html

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42938.rb
reference_id	CVE-2014-6271;OSVDB-112004
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42938.rb

reference_url	https://raw.githubusercontent.com/rapid7/metasploit-framework/9b75ef7c367fd41f8010f7de2cb32f35503ed5e4/modules/exploits/unix/smtp/qmail_bash_env_exec.rb
reference_id	CVE-2014-6271;OSVDB-112004
reference_type	exploit
scores
url	https://raw.githubusercontent.com/rapid7/metasploit-framework/9b75ef7c367fd41f8010f7de2cb32f35503ed5e4/modules/exploits/unix/smtp/qmail_bash_env_exec.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34900.py
reference_id	CVE-2014-6278;CVE-2014-6271
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34900.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/38849.rb
reference_id	CVE-2014-7196;OSVDB-112004;CVE-2014-6271
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/38849.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34839.py
reference_id	CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;OSVDB-112004;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34839.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35115.rb
reference_id	CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;OSVDB-112004;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35115.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/35146.txt
reference_id	CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;OSVDB-112004;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/35146.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34895.rb
reference_id	CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;OSVDB-112004;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34895.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34879.txt
reference_id	CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;OSVDB-112004;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34879.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34896.py
reference_id	CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;OSVDB-112004;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34896.py

reference_url	https://github.com/d3vpp/metasploit-modules
reference_id	CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://github.com/d3vpp/metasploit-modules

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/34777.rb
reference_id	CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/34777.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36503.rb
reference_id	CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36503.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36504.rb
reference_id	CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36504.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34765.txt
reference_id	CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34765.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34766.php
reference_id	CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34766.php

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34862.rb
reference_id	CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34862.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/37816.txt
reference_id	CVE-2014-8008;CVE-2014-6271;OSVDB-126132;OSVDB-126131;OSVDB-117422
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/37816.txt

reference_url

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

reference_id

CVE-2014-8008;CVE-2014-6271;OSVDB-126132;OSVDB-126131;OSVDB-117422

reference_type

exploit

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

reference_url

http://www.debian.org/security/2014/dsa-3032

reference_id

dsa-3032

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://www.debian.org/security/2014/dsa-3032

reference_url

http://linux.oracle.com/errata/ELSA-2014-1293.html

reference_id

ELSA-2014-1293.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://linux.oracle.com/errata/ELSA-2014-1293.html

reference_url

http://linux.oracle.com/errata/ELSA-2014-1294.html

reference_id

ELSA-2014-1294.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://linux.oracle.com/errata/ELSA-2014-1294.html

reference_url	https://security.gentoo.org/glsa/201409-09
reference_id	GLSA-201409-09
reference_type
scores
url	https://security.gentoo.org/glsa/201409-09

reference_url

http://support.apple.com/kb/HT6495

reference_id

HT6495

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://support.apple.com/kb/HT6495

reference_url

http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html

reference_id

IPFire-Bash-Environment-Variable-Injection-Shellshock.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html

reference_url

http://marc.info/?l=bugtraq&m=141216207813411&w=2

reference_id

?l=bugtraq&m=141216207813411&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://marc.info/?l=bugtraq&m=141216207813411&w=2

reference_url

http://marc.info/?l=bugtraq&m=141216668515282&w=2

reference_id

?l=bugtraq&m=141216668515282&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://marc.info/?l=bugtraq&m=141216668515282&w=2

reference_url

http://marc.info/?l=bugtraq&m=141235957116749&w=2

reference_id

?l=bugtraq&m=141235957116749&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://marc.info/?l=bugtraq&m=141235957116749&w=2

reference_url

http://marc.info/?l=bugtraq&m=141319209015420&w=2

reference_id

?l=bugtraq&m=141319209015420&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://marc.info/?l=bugtraq&m=141319209015420&w=2

reference_url

http://marc.info/?l=bugtraq&m=141330425327438&w=2

reference_id

?l=bugtraq&m=141330425327438&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://marc.info/?l=bugtraq&m=141330425327438&w=2

reference_url

http://marc.info/?l=bugtraq&m=142719845423222&w=2

reference_id

?l=bugtraq&m=142719845423222&w=2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://marc.info/?l=bugtraq&m=142719845423222&w=2

reference_url

http://advisories.mageia.org/MGASA-2014-0388.html

reference_id

MGASA-2014-0388.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://advisories.mageia.org/MGASA-2014-0388.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html

reference_id

msg00028.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html

reference_id

msg00029.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html

reference_id

msg00034.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html

reference_id

msg00040.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html

reference_id

msg00049.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html

reference_url

http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html

reference_id

quick-notes-about-bash-bug-its-impact.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html

reference_url	https://access.redhat.com/errata/RHSA-2014:1293
reference_id	RHSA-2014:1293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1293

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1293.html

reference_id

RHSA-2014-1293.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://rhn.redhat.com/errata/RHSA-2014-1293.html

reference_url	https://access.redhat.com/errata/RHSA-2014:1294
reference_id	RHSA-2014:1294
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1294

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1294.html

reference_id

RHSA-2014-1294.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://rhn.redhat.com/errata/RHSA-2014-1294.html

reference_url	https://access.redhat.com/errata/RHSA-2014:1295
reference_id	RHSA-2014:1295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1295

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1295.html

reference_id

RHSA-2014-1295.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://rhn.redhat.com/errata/RHSA-2014-1295.html

reference_url	https://access.redhat.com/errata/RHSA-2014:1354
reference_id	RHSA-2014:1354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1354

reference_url

http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html

reference_id

SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html

reference_url

http://www.us-cert.gov/ncas/alerts/TA14-268A

reference_id

TA14-268A

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://www.us-cert.gov/ncas/alerts/TA14-268A

reference_url	https://usn.ubuntu.com/2362-1/
reference_id	USN-2362-1
reference_type
scores
url	https://usn.ubuntu.com/2362-1/

reference_url

http://www.ubuntu.com/usn/USN-2362-1

reference_id

USN-2362-1

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/

url

http://www.ubuntu.com/usn/USN-2362-1

Weaknesses

cwe_id	78
name	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description	The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Exploits

date_added	2022-01-28
description	GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
required_action	Apply updates per vendor instructions.
due_date	2022-07-28
notes	https://nvd.nist.gov/vuln/detail/CVE-2014-6271
known_ransomware_campaign_use	`false`
source_date_published	`null`
exploit_type	`null`
platform	`null`
source_date_updated	`null`
data_source	KEV
source_url	`null`

date_added	`null`
description	This module exploits a shellshock vulnerability on Qmail, a public domain MTA written in C that runs on Unix systems. Due to the lack of validation on the MAIL FROM field, it is possible to execute shell code on a system with a vulnerable BASH (Shellshock). This flaw works on the latest Qmail versions (qmail-1.03 and netqmail-1.06). However, in order to execute code, /bin/sh has to be linked to bash (usually default configuration) and a valid recipient must be set on the RCPT TO field (usually admin@exampledomain.com). The exploit does not work on the "qmailrocks" community version as it ensures the MAILFROM field is well-formed.
required_action	`null`
due_date	`null`
notes	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
known_ransomware_campaign_use	`false`
source_date_published	2014-09-24
exploit_type	`null`
platform	Unix
source_date_updated	`null`
data_source	Metasploit
source_url	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/unix/smtp/qmail_bash_env_exec.rb

date_added	2014-11-17
description	PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`false`
source_date_published	2014-11-03
exploit_type	webapps
platform	php
source_date_updated	2020-02-14
data_source	Exploit-DB
source_url

Severity_range_score 5.1 - 9.8

Exploitability 2.0

Weighted_severity 8.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ba3s-az62-fkdc

Vulnerability Instance