The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1238326 | Issue Tracking Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2017-07-25 18:29
Updated : 2024-02-04 19:29
NVD link : CVE-2015-3278
Mitre link : CVE-2015-3278
CVE.ORG link : CVE-2015-3278
JSON object : View
Products Affected
nss_compat_ossl_project
- nss_compat_ossl
CWE
CWE-20
Improper Input Validation