Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-rwak-wvuw-qbcg
Vulnerability ID VCID-rwak-wvuw-qbcg
Aliases CVE-2014-4975
GHSA-gxj7-mcpg-jpr6
OSV-108971
Summary security update
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-193 Off-by-one Error
CWE-121 Stack-based Buffer Overflow
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
epss 0.03449 https://api.first.org/data/v1/epss?cve=CVE-2014-4975
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2014-4975
Reference id Reference type URL
http://advisories.mageia.org/MGASA-2014-0472.html
http://rhn.redhat.com/errata/RHSA-2014-1912.html
http://rhn.redhat.com/errata/RHSA-2014-1913.html
http://rhn.redhat.com/errata/RHSA-2014-1914.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4975.json
https://api.first.org/data/v1/epss?cve=CVE-2014-4975
https://bugs.ruby-lang.org/issues/10019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090
https://exchange.xforce.ibmcloud.com/vulnerabilities/94706
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778
http://www.debian.org/security/2015/dsa-3157
http://www.mandriva.com/security/advisories?name=MDVSA-2015:129
http://www.openwall.com/lists/oss-security/2014/07/09/13
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/68474
http://www.ubuntu.com/usn/USN-2397-1
1118158 https://bugzilla.redhat.com/show_bug.cgi?id=1118158
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
CVE-2014-4975 https://nvd.nist.gov/vuln/detail/CVE-2014-4975
RHSA-2014:1912 https://access.redhat.com/errata/RHSA-2014:1912
RHSA-2014:1913 https://access.redhat.com/errata/RHSA-2014:1913
RHSA-2014:1914 https://access.redhat.com/errata/RHSA-2014:1914
USN-2397-1 https://usn.ubuntu.com/2397-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2014-4975
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.87454
EPSS Score 0.03449
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:11:09.967195+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.0.0