CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9016

The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.798

EPSS Ranking 99.0%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2014-9016

Drupal » Drupal » Version: 7.0

cpe:2.3:a:drupal:drupal:7.0
Drupal » Drupal » Version: 7.1

cpe:2.3:a:drupal:drupal:7.1
Drupal » Drupal » Version: 7.10

cpe:2.3:a:drupal:drupal:7.10
Drupal » Drupal » Version: 7.11

cpe:2.3:a:drupal:drupal:7.11
Drupal » Drupal » Version: 7.12

cpe:2.3:a:drupal:drupal:7.12
Drupal » Drupal » Version: 7.13

cpe:2.3:a:drupal:drupal:7.13
Drupal » Drupal » Version: 7.14

cpe:2.3:a:drupal:drupal:7.14
Drupal » Drupal » Version: 7.15

cpe:2.3:a:drupal:drupal:7.15
Drupal » Drupal » Version: 7.16

cpe:2.3:a:drupal:drupal:7.16
Drupal » Drupal » Version: 7.17

cpe:2.3:a:drupal:drupal:7.17
Drupal » Drupal » Version: 7.18

cpe:2.3:a:drupal:drupal:7.18
Drupal » Drupal » Version: 7.19

cpe:2.3:a:drupal:drupal:7.19
Drupal » Drupal » Version: 7.2

cpe:2.3:a:drupal:drupal:7.2
Drupal » Drupal » Version: 7.20

cpe:2.3:a:drupal:drupal:7.20
Drupal » Drupal » Version: 7.21

cpe:2.3:a:drupal:drupal:7.21
Drupal » Drupal » Version: 7.22

cpe:2.3:a:drupal:drupal:7.22
Drupal » Drupal » Version: 7.23

cpe:2.3:a:drupal:drupal:7.23
Drupal » Drupal » Version: 7.24

cpe:2.3:a:drupal:drupal:7.24
Drupal » Drupal » Version: 7.25

cpe:2.3:a:drupal:drupal:7.25
Drupal » Drupal » Version: 7.26

cpe:2.3:a:drupal:drupal:7.26
Drupal » Drupal » Version: 7.27

cpe:2.3:a:drupal:drupal:7.27
Drupal » Drupal » Version: 7.28

cpe:2.3:a:drupal:drupal:7.28
Drupal » Drupal » Version: 7.29

cpe:2.3:a:drupal:drupal:7.29
Drupal » Drupal » Version: 7.3

cpe:2.3:a:drupal:drupal:7.3
Drupal » Drupal » Version: 7.30

cpe:2.3:a:drupal:drupal:7.30
Drupal » Drupal » Version: 7.31

cpe:2.3:a:drupal:drupal:7.31
Drupal » Drupal » Version: 7.32

cpe:2.3:a:drupal:drupal:7.32
Drupal » Drupal » Version: 7.33

cpe:2.3:a:drupal:drupal:7.33
Drupal » Drupal » Version: 7.4

cpe:2.3:a:drupal:drupal:7.4
Drupal » Drupal » Version: 7.5

cpe:2.3:a:drupal:drupal:7.5
Drupal » Drupal » Version: 7.6

cpe:2.3:a:drupal:drupal:7.6
Drupal » Drupal » Version: 7.7

cpe:2.3:a:drupal:drupal:7.7
Drupal » Drupal » Version: 7.8

cpe:2.3:a:drupal:drupal:7.8
Drupal » Drupal » Version: 7.9

cpe:2.3:a:drupal:drupal:7.9
Secure Password Hashes Project » Secure Passwords Hashes » Version: 6.x-2.0

cpe:2.3:a:secure_password_hashes_project:secure_passwords_hashes:6.x-2.0
Debian » Debian Linux » Version: 7.0

cpe:2.3:o:debian:debian_linux:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9016

Products

Pricing

Contact Us