CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
83.0%
A regression in PolarSSL 1.3.8 resulted in servers negotiating a weaker signature algorithm than available. This has been fixed in PolarSSL 1.3.9 (CVE-2014-8627). Two remotely-triggerable memory leaks were found by the Codenomicon Defensics tool and fixed in PolarSSL 1.3.9 (CVE-2014-8628).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | polarssl | < 1.3.9-1 | polarssl-1.3.9-1.mga3 |
Mageia | 4 | noarch | polarssl | < 1.3.9-1 | polarssl-1.3.9-1.mga4 |