VulnerableCode Vulnerability Details - VCID-ke1s-451y-p3cz

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-ke1s-451y-p3cz

Essentials
Severities (10)
References (13)
Severity details (1)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-ke1s-451y-p3cz
Aliases	CVE-2014-0098
Summary	A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.
Status	Published
Exploitability	0.5
Weighted Severity	2.1
Risk	1.1
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-228	Improper Handling of Syntactically Invalid Structure
CWE-125	Out-of-bounds Read

System	Score	Found at
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
epss	0.4102	https://api.first.org/data/v1/epss?cve=CVE-2014-0098
apache_httpd	low	https://httpd.apache.org/security/json/CVE-2014-0098.json

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json
		https://api.first.org/data/v1/epss?cve=CVE-2014-0098
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
1077871		https://bugzilla.redhat.com/show_bug.cgi?id=1077871
CVE-2014-0098		https://httpd.apache.org/security/json/CVE-2014-0098.json
GLSA-201408-12		https://security.gentoo.org/glsa/201408-12
RHSA-2014:0369		https://access.redhat.com/errata/RHSA-2014:0369
RHSA-2014:0370		https://access.redhat.com/errata/RHSA-2014:0370
RHSA-2014:0783		https://access.redhat.com/errata/RHSA-2014:0783
RHSA-2014:0784		https://access.redhat.com/errata/RHSA-2014:0784
RHSA-2014:0825		https://access.redhat.com/errata/RHSA-2014:0825
RHSA-2014:0826		https://access.redhat.com/errata/RHSA-2014:0826
USN-2152-1		https://usn.ubuntu.com/2152-1/

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.97357
EPSS Score	0.4102
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:36:19.268775+00:00	Apache HTTPD Importer	Import	https://httpd.apache.org/security/json/CVE-2014-0098.json	38.0.0