VulnerableCode Vulnerability Details - VCID-uhp8-5zvf-43eb

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-uhp8-5zvf-43eb

Essentials
Severities (11)
References (18)
Severity details (8)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-uhp8-5zvf-43eb
Aliases	CVE-2014-2682 GHSA-gp39-h9c2-qw79
Summary	security update
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (5)

CWE-611	Improper Restriction of XML External Entity Reference
CWE-776	Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-19	Data Processing Errors
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://advisories.mageia.org/MGASA-2014-0151.html
generic_textual	MODERATE	http://framework.zend.com/security/advisory/ZF2014-01
epss	0.01826	https://api.first.org/data/v1/epss?cve=CVE-2014-2682
epss	0.01826	https://api.first.org/data/v1/epss?cve=CVE-2014-2682
epss	0.01826	https://api.first.org/data/v1/epss?cve=CVE-2014-2682
generic_textual	MODERATE	http://seclists.org/oss-sec/2014/q2/0
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-gp39-h9c2-qw79
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2014-2682
generic_textual	MODERATE	https://web.archive.org/web/20140419041226/http://www.securityfocus.com/bid/66358
generic_textual	MODERATE	https://web.archive.org/web/20150523055201/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:072/?name=MDVSA-2014:072
generic_textual	MODERATE	http://www.debian.org/security/2015/dsa-3265

Reference id	Reference type	URL
		http://advisories.mageia.org/MGASA-2014-0151.html
		http://framework.zend.com/security/advisory/ZF2014-01
		https://api.first.org/data/v1/epss?cve=CVE-2014-2682
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2681
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2682
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2683
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2684
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2685
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4914
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8088
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8089
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3154
		http://seclists.org/oss-sec/2014/q2/0
		https://nvd.nist.gov/vuln/detail/CVE-2014-2682
		https://web.archive.org/web/20140419041226/http://www.securityfocus.com/bid/66358
		https://web.archive.org/web/20150523055201/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:072/?name=MDVSA-2014:072
		http://www.debian.org/security/2015/dsa-3265
GHSA-gp39-h9c2-qw79		https://github.com/advisories/GHSA-gp39-h9c2-qw79

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.83302
EPSS Score	0.01826
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T17:09:42.083569+00:00	Debian Oval Importer	Import	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.6.0