AI Score
Confidence
Low
EPSS
Percentile
65.9%
PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
lists.opensuse.org/opensuse-updates/2014-11/msg00079.html
secunia.com/advisories/61220
polarssl.org/tech-updates/releases/polarssl-1.3.9-released