When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected.

nessus 51

openvas 39

cve 1

ibm 59

redhat 2

debiancve 1

debian 3

osv 2

veracode 2

cvelist 1

prion 1

f5 3

centos 2

ubuntucve 1

nvd 1

cloudfoundry 1

fedora 2

amazon 1

aix 1

freebsd_advisory 1

kaspersky 1

altlinux 4

oraclelinux 5

mageia 1

ubuntu 1

freebsd 1

slackware 1

symantec 1

fortinet 1

cisco 1

archlinux 1

nodejsblog 1

gentoo 1

suse 3

paloalto 1

nessus

SUSE SLED11 / SLES11 Security Update : openssl (SUSE-SU-2015:2275-1)

2015-12-17 00:00:00

RHEL 5 : openssl (RHSA-2015:2616)

2015-12-14 00:00:00

F5 Networks BIG-IP : OpenSSL vulnerability (K12824341)

2016-05-18 00:00:00

openvas

CentOS Update for openssl CESA-2015:2616 centos5

2015-12-15 00:00:00

SUSE: Security Advisory (SUSE-SU-2015:2342-1)

2021-06-09 00:00:00

OpenSSL 'X509_ATTRIBUTE' Information Disclosure Vulnerability - Linux

2015-12-23 00:00:00

cve

CVE-2015-3195

2015-12-06 20:59:05

ibm

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Management Module (IMM) (CVE-2015-3195)

2023-04-14 14:32:25

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cognos Controller (CVE-2015-3195)

2018-06-15 22:42:18

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for UNIX (CVE-2015-3194, CVE-2015-3195).

2020-07-24 22:19:08

redhat

(RHSA-2015:2616) Moderate: openssl security update

2015-12-14 00:00:00

(RHSA-2015:2617) Moderate: openssl security update

2015-12-14 00:00:00

debiancve

CVE-2015-3195

2015-12-06 20:59:05

debian

[SECURITY] [DLA 358-1] openssl security update

2015-12-03 22:20:02

[SECURITY] [DSA 3413-1] openssl security update

2015-12-04 07:43:46

[SECURITY] [DSA 3413-1] openssl security update

2015-12-04 07:43:46

osv

openssl - security update

2015-12-03 00:00:00

openssl - security update

2015-12-04 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:09:10

Denial Of Service (DoS)

2017-02-10 01:19:05

cvelist

CVE-2015-3195

2015-12-06 00:00:00

prion

Information disclosure

2015-12-06 20:59:00

SOL12824341 - OpenSSL vulnerability CVE-2015-3195

2015-12-04 00:00:00

K12824341 : OpenSSL vulnerability CVE-2015-3195

2015-12-04 00:00:00

SOL90542710 - OpenSSL vulnerabilities CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, and CVE-2015-1794

2015-12-03 00:00:00

centos

openssl security update

2015-12-14 23:02:16

openssl security update

2015-12-14 11:00:46

ubuntucve

CVE-2015-3195

2015-12-03 00:00:00

nvd

CVE-2015-3195

2015-12-06 20:59:05

cloudfoundry

USN-2830-1 OpenSSL vulnerability | Cloud Foundry

2016-01-07 00:00:00

fedora

[SECURITY] Fedora 22 Update: openssl-1.0.1k-13.fc22

2015-12-14 11:54:41

[SECURITY] Fedora 23 Update: openssl-1.0.2e-1.fc23

2015-12-06 19:20:38

amazon

Medium: openssl

2015-12-14 10:00:00

aix

Vulnerabilities in OpenSSL impact AIX

2016-01-18 10:47:32

freebsd_advisory

FreeBSD-SA-15:26.openssl

2015-12-06 00:00:00

kaspersky

KLA10798 Multiple vulnerabilities at Oracle VM VirtualBox

2016-04-19 00:00:00

altlinux

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1q-alt1

2015-12-17 00:00:00

Security fix for the ALT Linux 8 package openssl10 version 1.0.1q-alt1

2015-12-17 00:00:00

Security fix for the ALT Linux 7 package openssl10 version 1.0.1q-alt1

2015-12-17 00:00:00

oraclelinux

openssl security update

2015-12-14 00:00:00

openssl security update

2016-03-01 00:00:00

openssl security update

2016-05-12 00:00:00

mageia

Updated openssl packages fix security vulnerability

2015-12-05 13:03:58

ubuntu

OpenSSL vulnerabilities

2015-12-07 00:00:00

freebsd

openssl -- multiple vulnerabilities

2015-12-03 00:00:00

slackware

[slackware-security] openssl

2015-12-16 06:25:41

symantec

SA105 : OpenSSL Vulnerabilities 3-Dec-2015

2015-12-10 08:00:00

fortinet

OpenSSL Advisory - December 2015

2015-12-10 00:00:00

cisco

Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products

2015-12-04 17:38:00

archlinux

openssl lib32-openssl: multiple issues

2015-12-05 00:00:00

nodejsblog

December Security Release Summary

2015-12-04 00:00:00

gentoo

OpenSSL: Multiple vulnerabilities

2016-01-29 00:00:00

suse

Security update for OpenSSL (important)

2016-03-07 18:13:37

Security update for openssl (important)

2016-03-02 23:12:04

Security update for sles12-docker-image (important)

2016-03-16 15:28:52

paloalto

OpenSSL Vulnerabilities

2016-08-15 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

6.4 Medium

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON

Related for OPENSSL:CVE-2015-3195