CVE-2014-6271
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Jan 28, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
GNU / Bourne-Again Shell (Bash)
Vulnerability
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
Added to KEV
Jan 28, 2022
Remediate by
Jul 28, 2022
Known ransomware use
No
Summary description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-6271
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2014-7169—100.0%
KEV—80GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability—