{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103308?format=json","vulnerability_id":"VCID-hj5u-43kq-7qgq","summary":"Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.","aliases":[{"alias":"CVE-2014-0004"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/224563?format=json","purl":"pkg:deb/debian/udisks@1.0.4-7wheezy1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/udisks@1.0.4-7wheezy1"},{"url":"http://public2.vulnerablecode.io/api/packages/133232?format=json","purl":"pkg:deb/debian/udisks2@2.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/udisks2@2.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133233?format=json","purl":"pkg:deb/debian/udisks2@2.9.2-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/udisks2@2.9.2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133231?format=json","purl":"pkg:deb/debian/udisks2@2.9.4-4%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/udisks2@2.9.4-4%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133236?format=json","purl":"pkg:deb/debian/udisks2@2.10.1-12.1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/udisks2@2.10.1-12.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133234?format=json","purl":"pkg:deb/debian/udisks2@2.11.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/udisks2@2.11.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/191662?format=json","purl":"pkg:ebuild/sys-fs/udisks@2.1.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/sys-fs/udisks@2.1.3"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/224562?format=json","purl":"pkg:deb/debian/udisks@1.0.1%2Bgit20100614-3squeeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hj5u-43kq-7qgq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/udisks@1.0.1%252Bgit20100614-3squeeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/177625?format=json","purl":"pkg:rpm/redhat/udisks@1.0.1-7?arch=el6_5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hj5u-43kq-7qgq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/udisks@1.0.1-7%3Farch=el6_5"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0004.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0004","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18036","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18115","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18117","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1049703","reference_id":"1049703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1049703"},{"reference_url":"https://security.gentoo.org/glsa/201405-01","reference_id":"GLSA-201405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0293","reference_id":"RHSA-2014:0293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0293"},{"reference_url":"https://usn.ubuntu.com/2142-1/","reference_id":"USN-2142-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2142-1/"}],"weaknesses":[{"cwe_id":121,"name":"Stack-based Buffer Overflow","description":"A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function)."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hj5u-43kq-7qgq"}