7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.948 High
EPSS
Percentile
99.3%
OpenSSL project reports:
Reclassified: RSA silently downgrades to EXPORT_RSA
[Client] (CVE-2015-0204). OpenSSL only.
Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
ASN.1 structure reuse memory corruption (CVE-2015-0287)
PKCS#7 NULL pointer dereferences (CVE-2015-0289)
Base64 decode (CVE-2015-0292). OpenSSL only.
DoS via reachable assert in SSLv2 servers
(CVE-2015-0293). OpenSSL only.
Use After Free following d2i_ECPrivatekey error
(CVE-2015-0209)
X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | openssl | = 1.0.1 | UNKNOWN |
FreeBSD | any | noarch | openssl | < 1.0.1_19 | UNKNOWN |
FreeBSD | any | noarch | mingw32-openssl | = 1.0.1 | UNKNOWN |
FreeBSD | any | noarch | mingw32-openssl | < 1.0.1m | UNKNOWN |
FreeBSD | any | noarch | linux-c6-openssl | < 1.0.1e_4 | UNKNOWN |
FreeBSD | any | noarch | libressl | <= 2.1.5_1 | UNKNOWN |
FreeBSD | any | noarch | freebsd | = 10.1 | UNKNOWN |
FreeBSD | any | noarch | freebsd | < 10.1_8 | UNKNOWN |