[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2014-4043":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":62,"aliases":72,"duplicate_of":9,"upstream":73,"downstream":74,"duplicates":89,"related":90,"reserved_at":9,"published_at":93,"modified_at":94,"state":95,"summary":96,"references_raw":104,"kevs":182,"epss":183,"epss_history":186,"metrics":434,"affected":439},"CVE-2014-4043","The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-94","Improper Control of Generation of Code ('Code Injection')","The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.","weakness","Draft","Base","Medium",[20,24,58],{"id":21,"name":22,"techniques":23},"CAPEC-242","Code Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[28,39,46],{"id":29,"name":30,"tactics":31,"countermeasures":38},"T1027.006","HTML Smuggling",[32,35],{"id":33,"name":34},"TA0030","Defense Evasion",{"id":36,"name":37},"TA0005","Stealth",[],{"id":40,"name":41,"tactics":42,"countermeasures":45},"T1027.009","Embedded Payloads",[43,44],{"id":33,"name":34},{"id":36,"name":37},[],{"id":47,"name":48,"tactics":49,"countermeasures":52},"T1564.009","Resource Forking",[50,51],{"id":33,"name":34},{"id":36,"name":37},[53],{"id":54,"name":55,"tactic":56},"D3-FFV","File Format Verification",{"name":57},"Isolate",{"id":59,"name":60,"techniques":61},"CAPEC-77","Manipulating User-Controlled Variables",[],[63],{"_key":64,"name":65,"source":66,"url":67,"maturity":68,"reliability_score":69,"verified":70,"type":9,"platforms":71,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_E361AF2E620428BE","Exploit Reference (bugzilla.redhat.com)","reference","https://bugzilla.redhat.com/show_bug.cgi?id=1109263","unknown",0.2,false,[],[],[],[75,77,79,81,83,85,87],{"_key":76},"OPENSUSE-SU-2024:10154-1",{"_key":78},"DLA-165-1",{"_key":80},"DSA-3169-1",{"_key":82},"MGASA-2014-0314",{"_key":84},"UBUNTU-CVE-2014-4043",{"_key":86},"USN-2306-1",{"_key":88},"DEBIAN-CVE-2014-4043",[],[91,92],{"_key":76},{"_key":82},"2014-10-06T23:00:00.000Z","2024-08-06T11:04:28.427Z","Modified",{"cisa_kev":70,"cisa_ransomware":70,"cisa_vendor":9,"epss_severity":97,"epss_score":98,"severity":99,"severity_score":100,"severity_version":101,"severity_source":102,"severity_vector":103,"severity_status":95},"low",0.01643,"high",7.5,"v2.0","nvd","AV:N/AC:L/Au:N/C:P/I:P/A:P",[105,111,117,121,126,130,134,140,145,150,154,160,165,170,174,178],{"url":106,"sources":107,"tags":109},"https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=ChangeLog%3Bh=3020b9ac232315df362521aeaf85f21cb9926db8%3Bhp=d86e73963dd9fb5e21b1a28326630337226812aa%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845",[108,102],"cve.org",[110],"X Refsource CONFIRM",{"url":112,"sources":113,"tags":114},"http://www.securityfocus.com/bid/68006",[108,102],[115,116],"VDB Entry","X Refsource BID",{"url":118,"sources":119,"tags":120},"https://sourceware.org/bugzilla/show_bug.cgi?id=17048",[108,102],[110],{"url":122,"sources":123,"tags":124},"https://exchange.xforce.ibmcloud.com/vulnerabilities/93784",[108,102],[115,125],"X Refsource XF",{"url":67,"sources":127,"tags":128},[108,102],[110,129],"Exploit",{"url":131,"sources":132,"tags":133},"https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=89e435f3559c53084498e9baad22172b64429362",[108,102],[110],{"url":135,"sources":136,"tags":137},"https://security.gentoo.org/glsa/201503-04",[108,102],[138,139],"Vendor Advisory","X Refsource GENTOO",{"url":141,"sources":142,"tags":143},"http://www.mandriva.com/security/advisories?name=MDVSA-2014:152",[108,102],[138,144],"X Refsource MANDRIVA",{"url":146,"sources":147,"tags":148},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html",[108,102],[138,149],"X Refsource SUSE",{"url":151,"sources":152,"tags":153},"https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=posix/spawn_faction_addopen.c%3Bh=40800b8e6e81341501c0fb8a91009529e2048dec%3Bhp=47f62425b696a4fdd511b2a057746322eb6518db%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845",[108,102],[110],{"url":155,"sources":156,"tags":157},"http://seclists.org/fulldisclosure/2019/Jun/18",[108,102],[158,159],"Mailing List","X Refsource FULLDISC",{"url":161,"sources":162,"tags":163},"https://seclists.org/bugtraq/2019/Jun/14",[108,102],[158,164],"X Refsource BUGTRAQ",{"url":166,"sources":167,"tags":168},"http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",[108,102],[169],"X Refsource MISC",{"url":171,"sources":172,"tags":173},"http://seclists.org/fulldisclosure/2019/Sep/7",[108,102],[158,159],{"url":175,"sources":176,"tags":177},"https://seclists.org/bugtraq/2019/Sep/7",[108,102],[158,164],{"url":179,"sources":180,"tags":181},"http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",[108,102],[169],[],{"date":184,"score":98,"percentile":185},"2026-06-04",0.82297,[187,190,192,194,197,200,203,206,209,212,215,218,221,223,225,228,231,234,237,240,243,245,248,250,252,254,257,260,263,266,269,272,275,278,280,282,285,288,291,294,297,300,303,306,309,312,315,317,320,323,326,329,332,334,337,340,342,345,348,351,354,357,360,363,365,367,370,372,375,378,380,382,385,387,390,393,396,398,400,403,406,409,412,415,417,420,423,426,428,431],{"date":188,"score":98,"percentile":189},"2025-11-04",0.81337,{"date":191,"score":98,"percentile":189},"2025-11-05",{"date":193,"score":98,"percentile":189},"2025-11-06",{"date":195,"score":98,"percentile":196},"2025-11-07",0.81348,{"date":198,"score":98,"percentile":199},"2025-11-08",0.81356,{"date":201,"score":98,"percentile":202},"2025-11-09",0.81352,{"date":204,"score":98,"percentile":205},"2025-11-10",0.81347,{"date":207,"score":98,"percentile":208},"2025-11-11",0.81354,{"date":210,"score":98,"percentile":211},"2025-11-12",0.81366,{"date":213,"score":98,"percentile":214},"2025-11-13",0.81373,{"date":216,"score":98,"percentile":217},"2025-11-14",0.81378,{"date":219,"score":98,"percentile":220},"2025-11-15",0.81374,{"date":222,"score":98,"percentile":220},"2025-11-16",{"date":224,"score":98,"percentile":214},"2025-11-17",{"date":226,"score":98,"percentile":227},"2025-11-18",0.80435,{"date":229,"score":98,"percentile":230},"2025-11-19",0.80437,{"date":232,"score":98,"percentile":233},"2025-11-20",0.80443,{"date":235,"score":98,"percentile":236},"2025-11-21",0.81387,{"date":238,"score":98,"percentile":239},"2025-11-22",0.81394,{"date":241,"score":98,"percentile":242},"2025-11-23",0.81385,{"date":244,"score":98,"percentile":242},"2025-11-24",{"date":246,"score":98,"percentile":247},"2025-11-25",0.81386,{"date":249,"score":98,"percentile":236},"2025-11-26",{"date":251,"score":98,"percentile":239},"2025-11-27",{"date":253,"score":98,"percentile":247},"2025-11-28",{"date":255,"score":98,"percentile":256},"2025-11-29",0.81392,{"date":258,"score":98,"percentile":259},"2025-11-30",0.81397,{"date":261,"score":98,"percentile":262},"2025-12-01",0.81474,{"date":264,"score":98,"percentile":265},"2025-12-02",0.81477,{"date":267,"score":98,"percentile":268},"2025-12-03",0.81476,{"date":270,"score":98,"percentile":271},"2025-12-04",0.81396,{"date":273,"score":98,"percentile":274},"2025-12-05",0.81406,{"date":276,"score":98,"percentile":277},"2025-12-06",0.81407,{"date":279,"score":98,"percentile":274},"2025-12-07",{"date":281,"score":98,"percentile":277},"2025-12-08",{"date":283,"score":98,"percentile":284},"2025-12-09",0.81425,{"date":286,"score":98,"percentile":287},"2025-12-10",0.8145,{"date":289,"score":98,"percentile":290},"2025-12-11",0.8146,{"date":292,"score":98,"percentile":293},"2025-12-12",0.81471,{"date":295,"score":98,"percentile":296},"2025-12-13",0.81472,{"date":298,"score":98,"percentile":299},"2025-12-14",0.81469,{"date":301,"score":98,"percentile":302},"2025-12-15",0.81464,{"date":304,"score":98,"percentile":305},"2025-12-16",0.81475,{"date":307,"score":98,"percentile":308},"2025-12-17",0.81481,{"date":310,"score":98,"percentile":311},"2025-12-18",0.81495,{"date":313,"score":98,"percentile":314},"2025-12-19",0.815,{"date":316,"score":98,"percentile":311},"2025-12-20",{"date":318,"score":98,"percentile":319},"2025-12-21",0.81492,{"date":321,"score":98,"percentile":322},"2025-12-22",0.81491,{"date":324,"score":98,"percentile":325},"2025-12-23",0.81494,{"date":327,"score":98,"percentile":328},"2025-12-24",0.81504,{"date":330,"score":98,"percentile":331},"2025-12-25",0.81522,{"date":333,"score":98,"percentile":331},"2025-12-26",{"date":335,"score":98,"percentile":336},"2025-12-27",0.81554,{"date":338,"score":98,"percentile":339},"2025-12-28",0.81508,{"date":341,"score":98,"percentile":328},"2025-12-29",{"date":343,"score":98,"percentile":344},"2025-12-30",0.81512,{"date":346,"score":98,"percentile":347},"2025-12-31",0.81525,{"date":349,"score":98,"percentile":350},"2026-01-01",0.81597,{"date":352,"score":98,"percentile":353},"2026-01-02",0.81593,{"date":355,"score":98,"percentile":356},"2026-01-03",0.81587,{"date":358,"score":98,"percentile":359},"2026-01-04",0.81502,{"date":361,"score":98,"percentile":362},"2026-01-05",0.81497,{"date":364,"score":98,"percentile":359},"2026-01-06",{"date":366,"score":98,"percentile":328},"2026-01-07",{"date":368,"score":98,"percentile":369},"2026-01-08",0.81514,{"date":371,"score":98,"percentile":369},"2026-01-09",{"date":373,"score":98,"percentile":374},"2026-01-10",0.81516,{"date":376,"score":98,"percentile":377},"2026-01-11",0.81509,{"date":379,"score":98,"percentile":359},"2026-01-12",{"date":381,"score":98,"percentile":314},"2026-01-13",{"date":383,"score":98,"percentile":384},"2026-01-14",0.81521,{"date":386,"score":98,"percentile":384},"2026-01-15",{"date":388,"score":98,"percentile":389},"2026-01-16",0.8153,{"date":391,"score":98,"percentile":392},"2026-01-17",0.81536,{"date":394,"score":98,"percentile":395},"2026-01-18",0.81528,{"date":397,"score":98,"percentile":384},"2026-01-19",{"date":399,"score":98,"percentile":347},"2026-01-20",{"date":401,"score":98,"percentile":402},"2026-01-21",0.81531,{"date":404,"score":98,"percentile":405},"2026-01-22",0.8154,{"date":407,"score":98,"percentile":408},"2026-01-23",0.81565,{"date":410,"score":98,"percentile":411},"2026-01-24",0.81573,{"date":413,"score":98,"percentile":414},"2026-01-25",0.81566,{"date":416,"score":98,"percentile":408},"2026-01-26",{"date":418,"score":98,"percentile":419},"2026-01-27",0.81564,{"date":421,"score":98,"percentile":422},"2026-01-28",0.81562,{"date":424,"score":98,"percentile":425},"2026-01-29",0.81561,{"date":427,"score":98,"percentile":425},"2026-01-30",{"date":429,"score":98,"percentile":430},"2026-01-31",0.81567,{"date":432,"score":98,"percentile":433},"2026-02-01",0.81648,[435],{"source":102,"cvss_v2_0":436,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":100,"baseSeverity":9,"vectorString":103,"impactScore":437,"exploitabilityScore":438},6.4,10,[440,451],{"ecosystem":9,"name":441,"vendor":442,"product":441,"cpe_part":443,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":444},"glibc","gnu","a",[445],{"version":446,"is_range":447,"range_type":448,"version_start":9,"version_start_type":9,"version_end":449,"version_end_type":450,"fixed_in":9},"lte2.19",true,"cpe","2.19","including",{"ecosystem":9,"name":452,"vendor":452,"product":452,"cpe_part":453,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":454},"opensuse","o",[455],{"version":456,"is_range":70,"range_type":448,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1"]