High severity7.5NVD Advisory· Published Mar 10, 2017· Updated Jun 17, 2026
CVE-2015-2330
CVE-2015-2330
Description
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- osv-coords9 versionspkg:rpm/opensuse/gtk3&distro=openSUSE%20Tumbleweedpkg:rpm/suse/webkitgtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/webkitgtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/webkitgtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/webkitgtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/webkitgtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/webkitgtk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/webkitgtk&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/webkitgtk&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012
< 2.4.11-3.3+ 8 more
- (no CPE)range: < 2.4.11-3.3
- (no CPE)range: < 2.4.8-16.2
- (no CPE)range: < 2.4.8-16.2
- (no CPE)range: < 2.4.8-16.2
- (no CPE)range: < 2.4.8-16.2
- (no CPE)range: < 2.4.8-16.2
- (no CPE)range: < 2.4.8-16.2
- (no CPE)range: < 2.4.8-16.2
- (no CPE)range: < 2.4.8-16.2
Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2015/03/17/11nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2015/03/18/4nvdMailing ListThird Party Advisory
- trac.webkit.org/changeset/181074nvdRelease NotesVendor Advisory
- webkitgtk.org/security/WSA-2015-0002.htmlnvdVendor Advisory
- bugs.webkit.org/show_bug.cginvdPermissions Required
- security.gentoo.org/glsa/201706-15nvd
News mentions
0No linked articles in our index yet.