CVE-2014-8627

Опубликовано: 24 нояб. 2014

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

Описание

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
lucid	ignored	end of life
precise	not-affected
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	released	1.3.9-1
utopic	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 50%

0.00274

Низкий

5 Medium

CVSS2

Связанные уязвимости

CVE-2014-8627

nvd

около 11 лет назад

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

CVE-2014-8627

debian

около 11 лет назад

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to ...

GHSA-9jjq-g2xm-68mw

github

больше 3 лет назад

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

EPSS

Процентиль: 50%

0.00274

Низкий

5 Medium

CVSS2

CVE-2014-8627

Описание

Пакет polarssl

Ссылки на источники

Связанные уязвимости