CVE-2015-5262
ADVISORY - githubSummary
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
EPSS Score: 0.03292 (0.914)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Resource Management Errors
ADVISORY - gitlab
ADVISORY - redhat
Allocation of Resources Without Limits or Throttling
NIST
CREATED
UPDATED
ADVISORY IDCVE-2015-5262
EXPLOITABILITY SCORE
8.6
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
GitHub
CREATED
UPDATED
ADVISORY IDGHSA-fmj5-wv96-r2ch
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Debian
CREATED
UPDATED
ADVISORY IDCVE-2015-5262
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2015-5262
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Red Hat
CREATED
UPDATED
ADVISORY IDCVE-2015-5262
EXPLOITABILITY SCORE
8.6
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
SUSE
CREATED
UPDATED
ADVISORY IDCVE-2015-5262
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-