VDB
CVE-2014-3529
CVE-2014-3529
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Entity expansion (billion laughs) flaw
EPSS 5.23% · 90.1th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
5.23%
90.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a, n/a, n/a |
| Maven | org.apache.poi:poi-ooxml | 0, 0, 0 |
| Maven | org.apache.poi:poi | 0, 0, 0 |
Timeline
- Sep 4, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21996759 url
- http://poi.apache.org/changes.html url
- 78018 vdb
- 61766 third-party-advisory
- https://lucene.apache.org/solr/solrnews.html#18-august-2014-recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations url
- apache-poi-cve20143529-info-disc(95770) vdb
- RHSA-2014:1370 vendor-advisory
- http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt url
- 60419 third-party-advisory
- RHSA-2014:1400 vendor-advisory
- 69647 vdb
- RHSA-2014:1398 vendor-advisory
- 59943 third-party-advisory
- RHSA-2014:1399 vendor-advisory
- https://bugzilla.redhat.com/CVE-2014-3529 url
- https://issues.apache.org/bugzilla/show_bug.cgi?id=56164 url
- https://nvd.nist.gov/vuln/detail/CVE-2014-3529 advisory
- https://github.com/advisories/GHSA-q56h-jjj6-52mf advisory