{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57892?format=json","vulnerability_id":"VCID-ba3s-az62-fkdc","summary":"security update","aliases":[{"alias":"CVE-2014-6271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571521?format=json","purl":"pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/585976?format=json","purl":"pkg:deb/debian/bash@4.3-9.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-9.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1051161?format=json","purl":"pkg:deb/debian/bash@4.3-11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-up13-8aex-7qfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-11"},{"url":"http://public2.vulnerablecode.io/api/packages/583050?format=json","purl":"pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-rc3z-84wf-pygu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.1-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583051?format=json","purl":"pkg:deb/debian/bash@5.2.15-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.15-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583052?format=json","purl":"pkg:deb/debian/bash@5.2.37-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.37-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583053?format=json","purl":"pkg:deb/debian/bash@5.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102897?format=json","purl":"pkg:deb/debian/bash@5.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/85518?format=json","purl":"pkg:ebuild/app-shells/bash@4.2_p48","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/bash@4.2_p48"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571512?format=json","purl":"pkg:deb/debian/bash@2.01.1-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4"},{"url":"http://public2.vulnerablecode.io/api/packages/571513?format=json","purl":"pkg:deb/debian/bash@2.01.1-4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/571514?format=json","purl":"pkg:deb/debian/bash@2.03-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.03-6"},{"url":"http://public2.vulnerablecode.io/api/packages/571515?format=json","purl":"pkg:deb/debian/bash@2.05a-11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05a-11"},{"url":"http://public2.vulnerablecode.io/api/packages/571516?format=json","purl":"pkg:deb/debian/bash@2.05b-2-26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05b-2-26"},{"url":"http://public2.vulnerablecode.io/api/packages/571517?format=json","purl":"pkg:deb/debian/bash@3.1dfsg-8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.1dfsg-8"},{"url":"http://public2.vulnerablecode.io/api/packages/571518?format=json","purl":"pkg:deb/debian/bash@3.2-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.2-4"},{"url":"http://public2.vulnerablecode.io/api/packages/571519?format=json","purl":"pkg:deb/debian/bash@4.1-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3"},{"url":"http://public2.vulnerablecode.io/api/packages/571520?format=json","purl":"pkg:deb/debian/bash@4.1-3%2Bdeb6u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3%252Bdeb6u2"},{"url":"http://public2.vulnerablecode.io/api/packages/571521?format=json","purl":"pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/121294?format=json","purl":"pkg:rpm/redhat/bash@3.0-27.el4?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.0-27.el4%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/121295?format=json","purl":"pkg:rpm/redhat/bash@3.2-24.el5_6?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-24.el5_6%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121296?format=json","purl":"pkg:rpm/redhat/bash@3.2-32.el5_9?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-32.el5_9%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/121298?format=json","purl":"pkg:rpm/redhat/bash@3.2-33.el5?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-33.el5%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121297?format=json","purl":"pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121301?format=json","purl":"pkg:rpm/redhat/bash@4.1.2-9.el6_2?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-9.el6_2%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121302?format=json","purl":"pkg:rpm/redhat/bash@4.1.2-15.el6_4?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_4%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121300?format=json","purl":"pkg:rpm/redhat/bash@4.1.2-15.el6_5?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_5%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121303?format=json","purl":"pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121299?format=json","purl":"pkg:rpm/redhat/bash@4.2.45-5.el7_0?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ba3s-az62-fkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bash@4.2.45-5.el7_0%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/121287?format=json","purl":"pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1?arch=el6ev","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-qdev-8m9n-8bbr"},{"vulnerability":"VCID-yje9-sb3a-kubp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1%3Farch=el6ev"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6271.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6271","reference_id":"","reference_type":"","scores":[{"value":"0.94213","scoring_system":"epss","scoring_elements":"0.99923","published_at":"2026-04-21T12:55:00Z"},{"value":"0.9422","scoring_system":"epss","scoring_elements":"0.99927","published_at":"2026-05-16T12:55:00Z"},{"value":"0.9422","scoring_system":"epss","scoring_elements":"0.99924","published_at":"2026-04-04T12:55:00Z"},{"value":"0.9422","scoring_system":"epss","scoring_elements":"0.99925","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1141597","reference_id":"1141597","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1141597"},{"reference_url":"https://access.redhat.com/articles/1200223","reference_id":"1200223","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://access.redhat.com/articles/1200223"},{"reference_url":"https://access.redhat.com/node/1200223","reference_id":"1200223","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://access.redhat.com/node/1200223"},{"reference_url":"http://www.kb.cert.org/vuls/id/252743","reference_id":"252743","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://www.kb.cert.org/vuls/id/252743"},{"reference_url":"https://www.exploit-db.com/exploits/37816/","reference_id":"37816","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://www.exploit-db.com/exploits/37816/"},{"reference_url":"https://www.exploit-db.com/exploits/38849/","reference_id":"38849","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://www.exploit-db.com/exploits/38849/"},{"reference_url":"https://www.exploit-db.com/exploits/39918/","reference_id":"39918","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://www.exploit-db.com/exploits/39918/"},{"reference_url":"https://www.exploit-db.com/exploits/40619/","reference_id":"40619","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://www.exploit-db.com/exploits/40619/"},{"reference_url":"https://www.exploit-db.com/exploits/40938/","reference_id":"40938","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://www.exploit-db.com/exploits/40938/"},{"reference_url":"https://www.exploit-db.com/exploits/42938/","reference_id":"42938","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://www.exploit-db.com/exploits/42938/"},{"reference_url":"http://secunia.com/advisories/59272","reference_id":"59272","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/59272"},{"reference_url":"http://secunia.com/advisories/59737","reference_id":"59737","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/59737"},{"reference_url":"http://secunia.com/advisories/60947","reference_id":"60947","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/60947"},{"reference_url":"http://secunia.com/advisories/61542","reference_id":"61542","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/61542"},{"reference_url":"http://secunia.com/advisories/61547","reference_id":"61547","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/61547"},{"reference_url":"http://secunia.com/advisories/61676","reference_id":"61676","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/61676"},{"reference_url":"http://secunia.com/advisories/61700","reference_id":"61700","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/61700"},{"reference_url":"http://secunia.com/advisories/61715","reference_id":"61715","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://secunia.com/advisories/61715"},{"reference_url":"http://www.securityfocus.com/bid/70103","reference_id":"70103","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://www.securityfocus.com/bid/70103"},{"reference_url":"http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html","reference_id":"Apache-mod_cgi-Remote-Command-Execution.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"},{"reference_url":"https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/","reference_id":"bash-specially-crafted-environment-variables-code-injection-attack","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"},{"reference_url":"https://github.com/HackerFantastic/Public/blob/777a32d7277e778386e650632fdd9643f0d812ac/exploits/trendmicro_IWSVA_shellshock.py","reference_id":"CVE-2014-6271","reference_type":"exploit","scores":[],"url":"https://github.com/HackerFantastic/Public/blob/777a32d7277e778386e650632fdd9643f0d812ac/exploits/trendmicro_IWSVA_shellshock.py"},{"reference_url":"https://github.com/HackerFantastic/Public/blob/8f5283534c3868814afc66d9e72963eced49c27b/exploits/rsshellshock.py","reference_id":"CVE-2014-6271","reference_type":"exploit","scores":[],"url":"https://github.com/HackerFantastic/Public/blob/8f5283534c3868814afc66d9e72963eced49c27b/exploits/rsshellshock.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/39918.rb","reference_id":"CVE-2014-6271","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/39918.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/40619.py","reference_id":"CVE-2014-6271","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/40619.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40938.py","reference_id":"CVE-2014-6271","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40938.py"},{"reference_url":"http://support.novell.com/security/cve/CVE-2014-6271.html","reference_id":"CVE-2014-6271.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://support.novell.com/security/cve/CVE-2014-6271.html"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42938.rb","reference_id":"CVE-2014-6271;OSVDB-112004","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42938.rb"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/9b75ef7c367fd41f8010f7de2cb32f35503ed5e4/modules/exploits/unix/smtp/qmail_bash_env_exec.rb","reference_id":"CVE-2014-6271;OSVDB-112004","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/9b75ef7c367fd41f8010f7de2cb32f35503ed5e4/modules/exploits/unix/smtp/qmail_bash_env_exec.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34900.py","reference_id":"CVE-2014-6278;CVE-2014-6271","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34900.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/38849.rb","reference_id":"CVE-2014-7196;OSVDB-112004;CVE-2014-6271","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/38849.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34839.py","reference_id":"CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;OSVDB-112004;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34839.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35115.rb","reference_id":"CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;OSVDB-112004;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35115.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/35146.txt","reference_id":"CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;OSVDB-112004;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/35146.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34895.rb","reference_id":"CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;OSVDB-112004;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/34895.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34879.txt","reference_id":"CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;OSVDB-112004;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34879.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34896.py","reference_id":"CVE-2014-7910;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;OSVDB-112004;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34896.py"},{"reference_url":"https://github.com/d3vpp/metasploit-modules","reference_id":"CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://github.com/d3vpp/metasploit-modules"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/34777.rb","reference_id":"CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/34777.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36503.rb","reference_id":"CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36503.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36504.rb","reference_id":"CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/36504.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34765.txt","reference_id":"CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34765.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34766.php","reference_id":"CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34766.php"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34862.rb","reference_id":"CVE-2014-7910;OSVDB-112004;CVE-2014-7227;CVE-2014-7196;CVE-2014-7169;CVE-2014-62771;CVE-2014-6271;CVE-2014-3671;CVE-2014-3659","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34862.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/37816.txt","reference_id":"CVE-2014-8008;CVE-2014-6271;OSVDB-126132;OSVDB-126131;OSVDB-117422","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/37816.txt"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash","reference_id":"CVE-2014-8008;CVE-2014-6271;OSVDB-126132;OSVDB-126131;OSVDB-117422","reference_type":"exploit","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"},{"reference_url":"http://www.debian.org/security/2014/dsa-3032","reference_id":"dsa-3032","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://www.debian.org/security/2014/dsa-3032"},{"reference_url":"http://linux.oracle.com/errata/ELSA-2014-1293.html","reference_id":"ELSA-2014-1293.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://linux.oracle.com/errata/ELSA-2014-1293.html"},{"reference_url":"http://linux.oracle.com/errata/ELSA-2014-1294.html","reference_id":"ELSA-2014-1294.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://linux.oracle.com/errata/ELSA-2014-1294.html"},{"reference_url":"https://security.gentoo.org/glsa/201409-09","reference_id":"GLSA-201409-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201409-09"},{"reference_url":"http://support.apple.com/kb/HT6495","reference_id":"HT6495","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://support.apple.com/kb/HT6495"},{"reference_url":"http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html","reference_id":"IPFire-Bash-Environment-Variable-Injection-Shellshock.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=141216207813411&w=2","reference_id":"?l=bugtraq&m=141216207813411&w=2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://marc.info/?l=bugtraq&m=141216207813411&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141216668515282&w=2","reference_id":"?l=bugtraq&m=141216668515282&w=2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://marc.info/?l=bugtraq&m=141216668515282&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141235957116749&w=2","reference_id":"?l=bugtraq&m=141235957116749&w=2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://marc.info/?l=bugtraq&m=141235957116749&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141319209015420&w=2","reference_id":"?l=bugtraq&m=141319209015420&w=2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://marc.info/?l=bugtraq&m=141319209015420&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141330425327438&w=2","reference_id":"?l=bugtraq&m=141330425327438&w=2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://marc.info/?l=bugtraq&m=141330425327438&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142719845423222&w=2","reference_id":"?l=bugtraq&m=142719845423222&w=2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://marc.info/?l=bugtraq&m=142719845423222&w=2"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0388.html","reference_id":"MGASA-2014-0388.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://advisories.mageia.org/MGASA-2014-0388.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html","reference_id":"msg00034.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html","reference_id":"msg00040.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html","reference_id":"msg00049.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"},{"reference_url":"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html","reference_id":"quick-notes-about-bash-bug-its-impact.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1293","reference_id":"RHSA-2014:1293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1293"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1293.html","reference_id":"RHSA-2014-1293.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1293.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1294","reference_id":"RHSA-2014:1294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1294"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1294.html","reference_id":"RHSA-2014-1294.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1294.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1295","reference_id":"RHSA-2014:1295","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1295"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1295.html","reference_id":"RHSA-2014-1295.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1295.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1354","reference_id":"RHSA-2014:1354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1354"},{"reference_url":"http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html","reference_id":"SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"},{"reference_url":"http://www.us-cert.gov/ncas/alerts/TA14-268A","reference_id":"TA14-268A","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://www.us-cert.gov/ncas/alerts/TA14-268A"},{"reference_url":"https://usn.ubuntu.com/2362-1/","reference_id":"USN-2362-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2362-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2362-1","reference_id":"USN-2362-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:45:49Z/"}],"url":"http://www.ubuntu.com/usn/USN-2362-1"}],"weaknesses":[{"cwe_id":78,"name":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","description":"The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component."}],"exploits":[{"date_added":"2014-11-17","description":"PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":false,"source_date_published":"2014-11-03","exploit_type":"webapps","platform":"php","source_date_updated":"2020-02-14","data_source":"Exploit-DB","source_url":""},{"date_added":null,"description":"This module exploits a shellshock vulnerability on Qmail, a public\n          domain MTA written in C that runs on Unix systems.\n          Due to the lack of validation on the MAIL FROM field, it is possible to\n          execute shell code on a system with a vulnerable BASH (Shellshock).\n          This flaw works on the latest Qmail versions (qmail-1.03 and\n          netqmail-1.06).\n          However, in order to execute code, /bin/sh has to be linked to bash\n          (usually default configuration) and a valid recipient must be set on the\n          RCPT TO field (usually admin@exampledomain.com).\n          The exploit does not work on the \"qmailrocks\" community version\n          as it ensures the MAILFROM field is well-formed.","required_action":null,"due_date":null,"notes":"Reliability:\n  - unknown-reliability\nStability:\n  - unknown-stability\nSideEffects:\n  - unknown-side-effects\n","known_ransomware_campaign_use":false,"source_date_published":"2014-09-24","exploit_type":null,"platform":"Unix","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/unix/smtp/qmail_bash_env_exec.rb"},{"date_added":"2022-01-28","description":"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.","required_action":"Apply updates per vendor instructions.","due_date":"2022-07-28","notes":"https://nvd.nist.gov/vuln/detail/CVE-2014-6271","known_ransomware_campaign_use":false,"source_date_published":null,"exploit_type":null,"platform":null,"source_date_updated":null,"data_source":"KEV","source_url":null}],"severity_range_score":"5.1 - 9.8","exploitability":"2.0","weighted_severity":"8.8","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ba3s-az62-fkdc"}