VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html
epss	0.01199	https://api.first.org/data/v1/epss?cve=CVE-2015-5262
epss	0.01199	https://api.first.org/data/v1/epss?cve=CVE-2015-5262
epss	0.01199	https://api.first.org/data/v1/epss?cve=CVE-2015-5262
epss	0.01199	https://api.first.org/data/v1/epss?cve=CVE-2015-5262
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=1261538
cvssv3.1	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-fmj5-wv96-r2ch
generic_textual	MODERATE	https://github.com/advisories/GHSA-fmj5-wv96-r2ch
generic_textual	MODERATE	https://issues.apache.org/jira/browse/HTTPCLIENT-1478
generic_textual	MODERATE	https://jenkins.io/security/advisory/2018-02-26
generic_textual	MODERATE	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2015-5262
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1626784
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
generic_textual	MODERATE	http://www.securitytracker.com/id/1033743
generic_textual	MODERATE	http://www.ubuntu.com/usn/USN-2769-1

System

Score

Found at

generic_textual

MODERATE

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html

generic_textual

MODERATE

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html

generic_textual

MODERATE

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html

generic_textual

MODERATE

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html

generic_textual

MODERATE

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html

epss

0.01199

https://api.first.org/data/v1/epss?cve=CVE-2015-5262

epss

0.01199

https://api.first.org/data/v1/epss?cve=CVE-2015-5262

epss

0.01199

https://api.first.org/data/v1/epss?cve=CVE-2015-5262

epss

0.01199

https://api.first.org/data/v1/epss?cve=CVE-2015-5262

generic_textual

MODERATE

https://bugzilla.redhat.com/show_bug.cgi?id=1261538

cvssv3.1

7.5

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-fmj5-wv96-r2ch

generic_textual

MODERATE

https://github.com/advisories/GHSA-fmj5-wv96-r2ch

generic_textual

MODERATE

https://issues.apache.org/jira/browse/HTTPCLIENT-1478

generic_textual

MODERATE

https://jenkins.io/security/advisory/2018-02-26

generic_textual

MODERATE

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

generic_textual

MODERATE

https://nvd.nist.gov/vuln/detail/CVE-2015-5262

generic_textual

MODERATE

http://svn.apache.org/viewvc?view=revision&revision=1626784

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

generic_textual

MODERATE

http://www.securitytracker.com/id/1033743

generic_textual

MODERATE

http://www.ubuntu.com/usn/USN-2769-1

Reference id

Reference type

URL

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5262.json

https://api.first.org/data/v1/epss?cve=CVE-2015-5262

https://bugzilla.redhat.com/show_bug.cgi?id=1261538

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5262

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://github.com/apache/httpcomponents-client/commit/09027e7286974bf6b61f4106395da2623121db8d

https://github.com/apache/httpcomponents-client/commit/6705924879810f617a7a21d34f16b6c0d61e8d34

https://github.com/apache/httpcomponents-client/commit/d954cd287dfcdad8f153e61181e20d253175ca8c

https://issues.apache.org/jira/browse/HTTPCLIENT-1478

https://jenkins.io/security/advisory/2018-02-26

https://jenkins.io/security/advisory/2018-02-26/

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

http://svn.apache.org/viewvc?view=revision&revision=1626784

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.securitytracker.com/id/1033743

http://www.ubuntu.com/usn/USN-2769-1

798650

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798650

CVE-2015-5262

https://nvd.nist.gov/vuln/detail/CVE-2015-5262

GHSA-fmj5-wv96-r2ch

https://github.com/advisories/GHSA-fmj5-wv96-r2ch

USN-2769-1

https://usn.ubuntu.com/2769-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2026-06-02T04:38:24.625026+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.httpcomponents/httpclient/CVE-2015-5262.yml	38.6.0

2026-06-02T04:38:24.625026+00:00

GitLab Importer

Import

https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.httpcomponents/httpclient/CVE-2015-5262.yml

38.6.0

Vulnerability ID	VCID-x63h-y2jy-pyaz
Aliases	CVE-2015-5262 GHSA-fmj5-wv96-r2ch
Summary	Moderate severity vulnerability that affects org.apache.httpcomponents:httpclient http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-399	Resource Management Errors
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-770	Allocation of Resources Without Limits or Throttling

Percentile	0.79226
EPSS Score	0.01199
Published At	June 4, 2026, 12:55 p.m.