MGASA-2015-0392

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2015-5262

Published: 09 Oct 2015, 18:47

Last modified:16 Apr 2026, 06:22

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

09 Oct 2015, 18:47

Published

Vulnerability first disclosed

16 Apr 2026, 06:22

Last Modified

Vulnerability information updated

Description

Updated jakarta-commons-httpclient and httpcomponents-client packages fixes security vulnerability The Apache httpclient library had a bug where the socket timeout was ignored during the SSL handshake, causing threads in an application to hang (CVE-2015-5262).

Affected Systems

mageia•httpcomponents-client
< 4.3.6-1.mga5
mageia•jakarta-commons-httpclient
< 3.1-15.1.mga5

References (3)

https://advisories.mageia.org/MGASA-2015-0392.html
https://bugs.mageia.org/show_bug.cgi?id=16870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5262