VDB
CVE-2014-3574
CVE-2014-3574
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Entity expansion (billion laughs) flaw
EPSS 12.57% · 94.1th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
12.57%
94.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Maven | org.apache.poi:poi-ooxml | 0, 0, 0 |
| n/a | n/a | n/a, n/a, n/a |
| Maven | org.apache.poi:poi | 0, 0, 0 |
Timeline
- Sep 4, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21996759 url
- 69648 vdb
- http://poi.apache.org/changes.html url
- 61766 third-party-advisory
- https://lucene.apache.org/solr/solrnews.html#18-august-2014-recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations url
- RHSA-2014:1370 vendor-advisory
- http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt url
- 60419 third-party-advisory
- apache-poi-cve20143574-dos(95768) vdb
- RHSA-2014:1400 vendor-advisory
- RHSA-2014:1398 vendor-advisory
- 59943 third-party-advisory
- RHSA-2014:1399 vendor-advisory
- https://bugzilla.redhat.com/CVE-2014-3574 url
- https://issues.apache.org/bugzilla/show_bug.cgi?id=54764 url
- https://nvd.nist.gov/vuln/detail/CVE-2014-3574 advisory
- https://github.com/advisories/GHSA-5wfp-8643-c58x advisory