CVE-2015-8838 in PHPinformation

Résumé

par MITRE

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!