Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

sun_ray_software

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2015-3195
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-3.48% / 87.84%
||
7 Day CHG~0.00%
Published-06 Dec, 2015 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.openSUSEOracle CorporationSUSEOpenSSLRed Hat, Inc.Debian GNU/LinuxFedora Project
Product-vm_serverubuntu_linuxdebian_linuxmac_os_xsun_ray_softwareapi_gatewayenterprise_linux_server_tusenterprise_linux_desktopvm_virtualboxlife_sciences_data_hublinux_enterprise_serverenterprise_linux_server_ausfedoraintegrated_lights_out_manager_firmwarehttp_servercommunications_webrtc_session_controllerenterprise_linux_serverenterprise_linux_workstationtransportation_managementleapsolarislinuxopensslexalogic_infrastructureopensusen/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor