Description

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.

Remediation

References

CVE-2015-3165

Related Vulnerabilities

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-2163)

WordPress Plugin SportsPress-Sports Club & League Manager Cross-Site Scripting (2.7.1)

WordPress Plugin Login Logout Menu Multiple Cross-Site Scripting Vulnerabilities (1.3.3)

WordPress Plugin Easy Social Box/Page Cross-Site Scripting (4.1.2)

WordPress Plugin Custom 404 Pro Unspecified Vulnerability (3.7.0)

Severity

Medium

Classification

CVE-2015-3165

Tags

Missing Update Known Vulnerabilities