Search for vulnerabilities
Vulnerability details: VCID-8tep-qhty-5fbp
Vulnerability ID VCID-8tep-qhty-5fbp
Aliases CVE-2014-3556
Summary STARTTLS command injection
Status Published
Exploitability 0.5
Weighted Severity 3.5
Risk 1.8
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.16751 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.16751 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.16751 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.16751 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
epss 0.42434 https://api.first.org/data/v1/epss?cve=CVE-2014-3556
generic_textual medium https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json
https://api.first.org/data/v1/epss?cve=CVE-2014-3556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
https://nginx.org/download/patch.2014.starttls.txt
https://nginx.org/download/patch.2014.starttls.txt.asc
1126891 https://bugzilla.redhat.com/show_bug.cgi?id=1126891
757196 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196
CVE-2014-3556 https://nvd.nist.gov/vuln/detail/CVE-2014-3556
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.94704
EPSS Score 0.16751
Published At Aug. 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:03:12.711697+00:00 Nginx Importer Import https://nginx.org/en/security_advisories.html 37.0.0