vulnerability
SUSE: CVE-2015-2774: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Feb 20, 2016 | Apr 7, 2016 | May 7, 2019 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Feb 20, 2016
Added
Apr 7, 2016
Modified
May 7, 2019
Description
Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
Solution(s)
suse-upgrade-erlangsuse-upgrade-erlang-debuggersuse-upgrade-erlang-debugger-srcsuse-upgrade-erlang-debuginfosuse-upgrade-erlang-debugsourcesuse-upgrade-erlang-dialyzersuse-upgrade-erlang-dialyzer-debuginfosuse-upgrade-erlang-dialyzer-srcsuse-upgrade-erlang-docsuse-upgrade-erlang-epmdsuse-upgrade-erlang-epmd-debuginfosuse-upgrade-erlang-etsuse-upgrade-erlang-et-srcsuse-upgrade-erlang-gssuse-upgrade-erlang-gs-srcsuse-upgrade-erlang-jinterfacesuse-upgrade-erlang-jinterface-srcsuse-upgrade-erlang-observersuse-upgrade-erlang-observer-srcsuse-upgrade-erlang-reltoolsuse-upgrade-erlang-reltool-srcsuse-upgrade-erlang-srcsuse-upgrade-erlang-wxsuse-upgrade-erlang-wx-debuginfosuse-upgrade-erlang-wx-src
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.