EUVD-2018-0592

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SSLConnectionSocketFactory in Apache HttpClient before 4.3.6 causes denial of service during SSL handshake

Reporter	Title	Published	Views	Family All 112
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (ISVG IMVA)	21 Sep 202120:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2021-20492, CVE-2021-29754, CVE-2021-29736, CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)	16 Sep 202106:01	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Global Mailbox in IBM Sterling B2B Integrator (CVE-2015-5262, CVE-2014-3577)	5 Feb 202000:53	–	ibm
IBM Security Bulletins	Security Bulletin: Security fixes available for The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology	7 Jun 202406:01	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache HTTP Components Libraries Affect IBM B2B Advanced Communications	16 Jun 201820:12	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in embedded IBM WebSphere Application Server which is shipped with IBM Tivoli Netcool Configuration Manager (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)	29 Jun 202110:19	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in WebSphere Application Server affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise	21 Sep 202109:48	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Commons HttpClient 3.x (and few others) allow Man-In-The-Middle (MITM) attack	12 Dec 202213:16	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server shipped with IBM WebSphere Application Server Patterns (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)	14 May 202118:01	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "582fe069-22c5-3638-9b47-f7b39709d4ed",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "e2a45342-66e1-395f-8cc3-6036ea10f76a",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-5262
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/advisories/GHSA-fmj5-wv96-r2ch
issues	www.issues.apache.org/jira/browse/HTTPCLIENT-1478
jenkins	www.jenkins.io/security/advisory/2018-02-26
lists	www.lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

07 Oct 2025 00:30Current

5.9Medium risk

Vulners AI Score5.9

CVSS 24.3

EPSS0.01199