Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-br5w-skmp-6bbv
Vulnerability ID VCID-br5w-skmp-6bbv
Aliases CVE-2014-8116
Summary security update
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-400 Uncontrolled Resource Consumption
CWE-674 Uncontrolled Recursion
CWE-399 Resource Management Errors
System Score Found at
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
epss 0.15876 https://api.first.org/data/v1/epss?cve=CVE-2014-8116
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2014-8116
Reference id Reference type URL
http://advisories.mageia.org/MGASA-2015-0040.html
http://rhn.redhat.com/errata/RHSA-2016-0760.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8116.json
https://api.first.org/data/v1/epss?cve=CVE-2014-8116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
http://seclists.org/oss-sec/2014/q4/1056
http://secunia.com/advisories/61944
http://secunia.com/advisories/62081
https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog
https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b8
https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/71700
http://www.securitytracker.com/id/1031344
http://www.ubuntu.com/usn/USN-2494-1
1171580 https://bugzilla.redhat.com/show_bug.cgi?id=1171580
773148 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148
cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*
CVE-2014-8116 https://nvd.nist.gov/vuln/detail/CVE-2014-8116
RHSA-2015:2155 https://access.redhat.com/errata/RHSA-2015:2155
RHSA-2016:0760 https://access.redhat.com/errata/RHSA-2016:0760
USN-2494-1 https://usn.ubuntu.com/2494-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-8116
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.94715
EPSS Score 0.15876
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:11:30.190394+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.0.0