{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T04:31:01.265","vulnerabilities":[{"cve":{"id":"CVE-2014-2095","sourceIdentifier":"cve@mitre.org","published":"2014-02-26T14:55:08.583","lastModified":"2025-04-12T10:46:40.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working directory."},{"lang":"es","value":"Vulnerabilidad de búsqueda de ruta no confiable en Catfish 0.6.0 hasta 1.0.0, cuando un paquete Fedora como 0.8.2-1 no es utilizado, permite a usuarios locales ganar privilegios a través de un caballo de troya en bin/catfish.pyc bajo el directorio de trabajo actual."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.6.0:*:*:*:*:*:*:*","matchCriteriaId":"A59D5A2D-28D1-4EFE-BA6B-3D5954A78A55"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.6.1:*:*:*:*:*:*:*","matchCriteriaId":"C0E9B60A-A07A-4E89-B690-C9B54F2B7F8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.6.2:*:*:*:*:*:*:*","matchCriteriaId":"B972FF27-B156-419D-8033-C61C613C8AE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.6.3:*:*:*:*:*:*:*","matchCriteriaId":"8488972F-3BB8-4FE4-AE3E-0EFAB55ED490"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.6.4:*:*:*:*:*:*:*","matchCriteriaId":"12645E1B-2624-488E-9E02-0B5F520C3B85"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.8.0:*:*:*:*:*:*:*","matchCriteriaId":"62051C89-8F1D-4E82-AF3E-0FB6259B0F18"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.8.1:*:*:*:*:*:*:*","matchCriteriaId":"4D681028-1742-4815-92C4-5DFDC152475F"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:0.8.2:*:*:*:*:*:*:*","matchCriteriaId":"B3AD28D9-5220-4250-8B79-35E88471B792"},{"vulnerable":true,"criteria":"cpe:2.3:a:catfish_project:catfish:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0C7ED3A9-6DCF-4469-9BB8-063B24E6F637"}]}]}],"references":[{"url":"http://openwall.com/lists/oss-security/2014/02/25/2","source":"cve@mitre.org"},{"url":"http://openwall.com/lists/oss-security/2014/02/25/4","source":"cve@mitre.org"},{"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739958","source":"cve@mitre.org"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1069396","source":"cve@mitre.org"},{"url":"http://openwall.com/lists/oss-security/2014/02/25/2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://openwall.com/lists/oss-security/2014/02/25/4","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739958","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1069396","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorComment":"Per: http://cwe.mitre.org/data/definitions/426.html\n\n\"CWE-426: Untrusted Search Path\""}}]}