Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-rj4z-edkc-pbdw
Vulnerability ID VCID-rj4z-edkc-pbdw
Aliases CVE-2014-9130
Summary security update
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-617 Reachable Assertion
CWE-20 Improper Input Validation
System Score Found at
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
epss 0.54847 https://api.first.org/data/v1/epss?cve=CVE-2014-9130
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2014-9130
Reference id Reference type URL
http://advisories.mageia.org/MGASA-2014-0508.html
http://linux.oracle.com/errata/ELSA-2015-0100.html
http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html
http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html
http://rhn.redhat.com/errata/RHSA-2015-0100.html
http://rhn.redhat.com/errata/RHSA-2015-0112.html
http://rhn.redhat.com/errata/RHSA-2015-0260.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9130.json
https://api.first.org/data/v1/epss?cve=CVE-2014-9130
https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
http://secunia.com/advisories/59947
http://secunia.com/advisories/60944
http://secunia.com/advisories/62164
http://secunia.com/advisories/62174
http://secunia.com/advisories/62176
http://secunia.com/advisories/62705
http://secunia.com/advisories/62723
http://secunia.com/advisories/62774
https://exchange.xforce.ibmcloud.com/vulnerabilities/99047
https://puppet.com/security/cve/cve-2014-9130
http://www.debian.org/security/2014/dsa-3102
http://www.debian.org/security/2014/dsa-3103
http://www.debian.org/security/2014/dsa-3115
http://www.mandriva.com/security/advisories?name=MDVSA-2014:242
http://www.mandriva.com/security/advisories?name=MDVSA-2015:060
http://www.openwall.com/lists/oss-security/2014/11/28/1
http://www.openwall.com/lists/oss-security/2014/11/28/8
http://www.openwall.com/lists/oss-security/2014/11/29/3
http://www.securityfocus.com/bid/71349
http://www.ubuntu.com/usn/USN-2461-1
http://www.ubuntu.com/usn/USN-2461-2
http://www.ubuntu.com/usn/USN-2461-3
1169369 https://bugzilla.redhat.com/show_bug.cgi?id=1169369
771365 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771365
771366 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771366
772815 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772815
cpe:2.3:a:pyyaml:libyaml:0.1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pyyaml:libyaml:0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:pyyaml:libyaml:0.1.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pyyaml:libyaml:0.1.6:*:*:*:*:*:*:*
CVE-2014-9130 https://nvd.nist.gov/vuln/detail/CVE-2014-9130
RHSA-2015:0100 https://access.redhat.com/errata/RHSA-2015:0100
RHSA-2015:0112 https://access.redhat.com/errata/RHSA-2015:0112
RHSA-2015:0260 https://access.redhat.com/errata/RHSA-2015:0260
USN-2461-1 https://usn.ubuntu.com/2461-1/
USN-2461-2 https://usn.ubuntu.com/2461-2/
USN-2461-3 https://usn.ubuntu.com/2461-3/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-9130
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.98027
EPSS Score 0.54847
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:11:39.386042+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.0.0