First published: Mon Sep 24 2018(Updated: )
LibreSSL. Multiple issues were addressed by updating to libressl version 2.6.4.
Credit: CVE-2015-3194 CVE-2015-5333 CVE-2015-5334 CVE-2016-0702 secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Mojave | <10.14 | 10.14 |
Openbsd Libressl | <2.3.1 | |
openSUSE openSUSE | =13.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2015-5334 is a vulnerability in LibreSSL that allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted X.509 certificate.
The severity of CVE-2015-5334 is critical with a CVSS score of 9.8.
You can mitigate the impact of CVE-2015-5334 by updating to LibreSSL version 2.6.4 or later.
macOS Mojave (version up to 10.14), Openbsd Libressl (version up to 2.3.1), Opensuse Opensuse (version 13.2) are affected by CVE-2015-5334.
You can find more information about CVE-2015-5334 at the following references: [1] [2] [3].