Unrated severityNVD Advisory· Published Nov 24, 2014· Updated Jun 17, 2026
CVE-2014-8627
CVE-2014-8627
Description
PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/mbedtls-2&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/mbedtls-3&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/mbedtls&distro=openSUSE%20Tumbleweed
< 2.28.3-1.1+ 2 more
- (no CPE)range: < 2.28.3-1.1
- (no CPE)range: < 3.6.6-1.1
- (no CPE)range: < 2.4.0-1.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.