{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105902?format=json","vulnerability_id":"VCID-8d56-3k4a-c7hy","summary":"The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.","aliases":[{"alias":"CVE-2015-5314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4283?format=json","purl":"pkg:deb/debian/wpa@2.3-1%2Bdeb8u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ba4-zp3t-j7b7"},{"vulnerability":"VCID-1eva-m1zn-dbbs"},{"vulnerability":"VCID-2pae-t1zg-d7dy"},{"vulnerability":"VCID-2u68-nqzd-pqcu"},{"vulnerability":"VCID-57qp-9n3e-g7g7"},{"vulnerability":"VCID-5uqd-9srx-buhb"},{"vulnerability":"VCID-64pb-r9pk-3bfk"},{"vulnerability":"VCID-6jb3-mw38-gqaf"},{"vulnerability":"VCID-7fuh-9z2r-ekee"},{"vulnerability":"VCID-7kes-xst7-z3d3"},{"vulnerability":"VCID-7q6k-mpk6-t7bv"},{"vulnerability":"VCID-7y9t-7akx-afg7"},{"vulnerability":"VCID-84gv-j3vy-kbhp"},{"vulnerability":"VCID-8d56-3k4a-c7hy"},{"vulnerability":"VCID-awmy-cpam-xqah"},{"vulnerability":"VCID-b8k9-3pnn-ekgs"},{"vulnerability":"VCID-bugv-6pzr-tuhy"},{"vulnerability":"VCID-c1uc-msuh-bbgq"},{"vulnerability":"VCID-c6rb-kwrq-uubn"},{"vulnerability":"VCID-cmpu-sjnc-qyc9"},{"vulnerability":"VCID-d17v-v7yt-5kb3"},{"vulnerability":"VCID-dc5z-thyu-sqhb"},{"vulnerability":"VCID-dvkq-285n-9kaw"},{"vulnerability":"VCID-edpz-qhd8-jfez"},{"vulnerability":"VCID-fwsj-n5rh-53h1"},{"vulnerability":"VCID-hxn4-6y6j-83cz"},{"vulnerability":"VCID-kj7b-sur9-hfhb"},{"vulnerability":"VCID-kyvg-q58s-cfff"},{"vulnerability":"VCID-m6c2-crap-b3b7"},{"vulnerability":"VCID-mwc1-rpqz-uqcj"},{"vulnerability":"VCID-n7rh-f4mj-jbdq"},{"vulnerability":"VCID-p4b2-1g26-nkd2"},{"vulnerability":"VCID-p6m7-m2w8-uybh"},{"vulnerability":"VCID-qv3p-mcnx-gfh9"},{"vulnerability":"VCID-s7gm-17ms-53fd"},{"vulnerability":"VCID-s91q-7xur-gudp"},{"vulnerability":"VCID-sz7g-jw53-yyf1"},{"vulnerability":"VCID-up8e-3hxu-73ah"},{"vulnerability":"VCID-uyg6-fyc7-fqf5"},{"vulnerability":"VCID-vgs9-juev-53d2"},{"vulnerability":"VCID-w1t7-99j6-ducn"},{"vulnerability":"VCID-w27s-tf26-t7fb"},{"vulnerability":"VCID-yj2a-e823-nyfw"},{"vulnerability":"VCID-yv7z-2x73-xygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2.3-1%252Bdeb8u5"},{"url":"http://public2.vulnerablecode.io/api/packages/135404?format=json","purl":"pkg:deb/debian/wpa@2.3-2.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2.3-2.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/5005?format=json","purl":"pkg:deb/debian/wpa@2:2.4-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ba4-zp3t-j7b7"},{"vulnerability":"VCID-1eva-m1zn-dbbs"},{"vulnerability":"VCID-2pae-t1zg-d7dy"},{"vulnerability":"VCID-57qp-9n3e-g7g7"},{"vulnerability":"VCID-5uqd-9srx-buhb"},{"vulnerability":"VCID-64pb-r9pk-3bfk"},{"vulnerability":"VCID-6jb3-mw38-gqaf"},{"vulnerability":"VCID-7fuh-9z2r-ekee"},{"vulnerability":"VCID-7kes-xst7-z3d3"},{"vulnerability":"VCID-7q6k-mpk6-t7bv"},{"vulnerability":"VCID-84gv-j3vy-kbhp"},{"vulnerability":"VCID-awmy-cpam-xqah"},{"vulnerability":"VCID-b8k9-3pnn-ekgs"},{"vulnerability":"VCID-c6rb-kwrq-uubn"},{"vulnerability":"VCID-cmpu-sjnc-qyc9"},{"vulnerability":"VCID-d17v-v7yt-5kb3"},{"vulnerability":"VCID-dc5z-thyu-sqhb"},{"vulnerability":"VCID-kj7b-sur9-hfhb"},{"vulnerability":"VCID-m6c2-crap-b3b7"},{"vulnerability":"VCID-n7rh-f4mj-jbdq"},{"vulnerability":"VCID-p4b2-1g26-nkd2"},{"vulnerability":"VCID-p6m7-m2w8-uybh"},{"vulnerability":"VCID-s91q-7xur-gudp"},{"vulnerability":"VCID-sz7g-jw53-yyf1"},{"vulnerability":"VCID-up8e-3hxu-73ah"},{"vulnerability":"VCID-vgs9-juev-53d2"},{"vulnerability":"VCID-w1t7-99j6-ducn"},{"vulnerability":"VCID-w27s-tf26-t7fb"},{"vulnerability":"VCID-yj2a-e823-nyfw"},{"vulnerability":"VCID-yv7z-2x73-xygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2:2.4-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/135393?format=json","purl":"pkg:deb/debian/wpa@2:2.9.0-21%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2:2.9.0-21%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135391?format=json","purl":"pkg:deb/debian/wpa@2:2.10-12%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2:2.10-12%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135395?format=json","purl":"pkg:deb/debian/wpa@2:2.10-24?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2:2.10-24%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135394?format=json","purl":"pkg:deb/debian/wpa@2:2.10-25?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2:2.10-25%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4281?format=json","purl":"pkg:deb/debian/wpa@1.0-3%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ba4-zp3t-j7b7"},{"vulnerability":"VCID-1eva-m1zn-dbbs"},{"vulnerability":"VCID-2pae-t1zg-d7dy"},{"vulnerability":"VCID-2u68-nqzd-pqcu"},{"vulnerability":"VCID-57qp-9n3e-g7g7"},{"vulnerability":"VCID-5uqd-9srx-buhb"},{"vulnerability":"VCID-64pb-r9pk-3bfk"},{"vulnerability":"VCID-6jb3-mw38-gqaf"},{"vulnerability":"VCID-7fuh-9z2r-ekee"},{"vulnerability":"VCID-7kes-xst7-z3d3"},{"vulnerability":"VCID-7q6k-mpk6-t7bv"},{"vulnerability":"VCID-7y9t-7akx-afg7"},{"vulnerability":"VCID-84gv-j3vy-kbhp"},{"vulnerability":"VCID-8d56-3k4a-c7hy"},{"vulnerability":"VCID-awmy-cpam-xqah"},{"vulnerability":"VCID-b8k9-3pnn-ekgs"},{"vulnerability":"VCID-bugv-6pzr-tuhy"},{"vulnerability":"VCID-c1uc-msuh-bbgq"},{"vulnerability":"VCID-c6rb-kwrq-uubn"},{"vulnerability":"VCID-cmpu-sjnc-qyc9"},{"vulnerability":"VCID-d17v-v7yt-5kb3"},{"vulnerability":"VCID-dc5z-thyu-sqhb"},{"vulnerability":"VCID-dvkq-285n-9kaw"},{"vulnerability":"VCID-edpz-qhd8-jfez"},{"vulnerability":"VCID-fwsj-n5rh-53h1"},{"vulnerability":"VCID-hxn4-6y6j-83cz"},{"vulnerability":"VCID-kj7b-sur9-hfhb"},{"vulnerability":"VCID-kyvg-q58s-cfff"},{"vulnerability":"VCID-m6c2-crap-b3b7"},{"vulnerability":"VCID-mwc1-rpqz-uqcj"},{"vulnerability":"VCID-n7rh-f4mj-jbdq"},{"vulnerability":"VCID-p4b2-1g26-nkd2"},{"vulnerability":"VCID-p6m7-m2w8-uybh"},{"vulnerability":"VCID-qv3p-mcnx-gfh9"},{"vulnerability":"VCID-s7gm-17ms-53fd"},{"vulnerability":"VCID-s91q-7xur-gudp"},{"vulnerability":"VCID-sz7g-jw53-yyf1"},{"vulnerability":"VCID-ttwt-unqp-mbec"},{"vulnerability":"VCID-up8e-3hxu-73ah"},{"vulnerability":"VCID-uyg6-fyc7-fqf5"},{"vulnerability":"VCID-vgs9-juev-53d2"},{"vulnerability":"VCID-w1t7-99j6-ducn"},{"vulnerability":"VCID-w27s-tf26-t7fb"},{"vulnerability":"VCID-yj2a-e823-nyfw"},{"vulnerability":"VCID-yv7z-2x73-xygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@1.0-3%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/4282?format=json","purl":"pkg:deb/debian/wpa@2.3-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ba4-zp3t-j7b7"},{"vulnerability":"VCID-1eva-m1zn-dbbs"},{"vulnerability":"VCID-2pae-t1zg-d7dy"},{"vulnerability":"VCID-2u68-nqzd-pqcu"},{"vulnerability":"VCID-57qp-9n3e-g7g7"},{"vulnerability":"VCID-5uqd-9srx-buhb"},{"vulnerability":"VCID-64pb-r9pk-3bfk"},{"vulnerability":"VCID-6jb3-mw38-gqaf"},{"vulnerability":"VCID-7fuh-9z2r-ekee"},{"vulnerability":"VCID-7kes-xst7-z3d3"},{"vulnerability":"VCID-7q6k-mpk6-t7bv"},{"vulnerability":"VCID-7y9t-7akx-afg7"},{"vulnerability":"VCID-84gv-j3vy-kbhp"},{"vulnerability":"VCID-8d56-3k4a-c7hy"},{"vulnerability":"VCID-awmy-cpam-xqah"},{"vulnerability":"VCID-b8k9-3pnn-ekgs"},{"vulnerability":"VCID-bugv-6pzr-tuhy"},{"vulnerability":"VCID-c1uc-msuh-bbgq"},{"vulnerability":"VCID-c6rb-kwrq-uubn"},{"vulnerability":"VCID-cmpu-sjnc-qyc9"},{"vulnerability":"VCID-d17v-v7yt-5kb3"},{"vulnerability":"VCID-dc5z-thyu-sqhb"},{"vulnerability":"VCID-dvkq-285n-9kaw"},{"vulnerability":"VCID-edpz-qhd8-jfez"},{"vulnerability":"VCID-fwsj-n5rh-53h1"},{"vulnerability":"VCID-hxn4-6y6j-83cz"},{"vulnerability":"VCID-kj7b-sur9-hfhb"},{"vulnerability":"VCID-kyvg-q58s-cfff"},{"vulnerability":"VCID-m6c2-crap-b3b7"},{"vulnerability":"VCID-mwc1-rpqz-uqcj"},{"vulnerability":"VCID-n7rh-f4mj-jbdq"},{"vulnerability":"VCID-p4b2-1g26-nkd2"},{"vulnerability":"VCID-p6m7-m2w8-uybh"},{"vulnerability":"VCID-qv3p-mcnx-gfh9"},{"vulnerability":"VCID-s7gm-17ms-53fd"},{"vulnerability":"VCID-s91q-7xur-gudp"},{"vulnerability":"VCID-sz7g-jw53-yyf1"},{"vulnerability":"VCID-up8e-3hxu-73ah"},{"vulnerability":"VCID-uyg6-fyc7-fqf5"},{"vulnerability":"VCID-vgs9-juev-53d2"},{"vulnerability":"VCID-w1t7-99j6-ducn"},{"vulnerability":"VCID-w27s-tf26-t7fb"},{"vulnerability":"VCID-yj2a-e823-nyfw"},{"vulnerability":"VCID-yv7z-2x73-xygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2.3-1"},{"url":"http://public2.vulnerablecode.io/api/packages/4283?format=json","purl":"pkg:deb/debian/wpa@2.3-1%2Bdeb8u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ba4-zp3t-j7b7"},{"vulnerability":"VCID-1eva-m1zn-dbbs"},{"vulnerability":"VCID-2pae-t1zg-d7dy"},{"vulnerability":"VCID-2u68-nqzd-pqcu"},{"vulnerability":"VCID-57qp-9n3e-g7g7"},{"vulnerability":"VCID-5uqd-9srx-buhb"},{"vulnerability":"VCID-64pb-r9pk-3bfk"},{"vulnerability":"VCID-6jb3-mw38-gqaf"},{"vulnerability":"VCID-7fuh-9z2r-ekee"},{"vulnerability":"VCID-7kes-xst7-z3d3"},{"vulnerability":"VCID-7q6k-mpk6-t7bv"},{"vulnerability":"VCID-7y9t-7akx-afg7"},{"vulnerability":"VCID-84gv-j3vy-kbhp"},{"vulnerability":"VCID-8d56-3k4a-c7hy"},{"vulnerability":"VCID-awmy-cpam-xqah"},{"vulnerability":"VCID-b8k9-3pnn-ekgs"},{"vulnerability":"VCID-bugv-6pzr-tuhy"},{"vulnerability":"VCID-c1uc-msuh-bbgq"},{"vulnerability":"VCID-c6rb-kwrq-uubn"},{"vulnerability":"VCID-cmpu-sjnc-qyc9"},{"vulnerability":"VCID-d17v-v7yt-5kb3"},{"vulnerability":"VCID-dc5z-thyu-sqhb"},{"vulnerability":"VCID-dvkq-285n-9kaw"},{"vulnerability":"VCID-edpz-qhd8-jfez"},{"vulnerability":"VCID-fwsj-n5rh-53h1"},{"vulnerability":"VCID-hxn4-6y6j-83cz"},{"vulnerability":"VCID-kj7b-sur9-hfhb"},{"vulnerability":"VCID-kyvg-q58s-cfff"},{"vulnerability":"VCID-m6c2-crap-b3b7"},{"vulnerability":"VCID-mwc1-rpqz-uqcj"},{"vulnerability":"VCID-n7rh-f4mj-jbdq"},{"vulnerability":"VCID-p4b2-1g26-nkd2"},{"vulnerability":"VCID-p6m7-m2w8-uybh"},{"vulnerability":"VCID-qv3p-mcnx-gfh9"},{"vulnerability":"VCID-s7gm-17ms-53fd"},{"vulnerability":"VCID-s91q-7xur-gudp"},{"vulnerability":"VCID-sz7g-jw53-yyf1"},{"vulnerability":"VCID-up8e-3hxu-73ah"},{"vulnerability":"VCID-uyg6-fyc7-fqf5"},{"vulnerability":"VCID-vgs9-juev-53d2"},{"vulnerability":"VCID-w1t7-99j6-ducn"},{"vulnerability":"VCID-w27s-tf26-t7fb"},{"vulnerability":"VCID-yj2a-e823-nyfw"},{"vulnerability":"VCID-yv7z-2x73-xygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wpa@2.3-1%252Bdeb8u5"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5314","reference_id":"","reference_type":"","scores":[{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78829","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78855","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78862","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78853","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4146","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4146"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8041"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804708","reference_id":"804708","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804708"},{"reference_url":"https://usn.ubuntu.com/2808-1/","reference_id":"USN-2808-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2808-1/"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8d56-3k4a-c7hy"}