{"api_version":"1","generated_at":"2026-06-10T13:40:50+00:00","cve":"CVE-2015-3165","urls":{"html":"https://cve.report/CVE-2015-3165","api":"https://cve.report/api/cve/CVE-2015-3165.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2015-3165","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2015-3165"},"summary":{"title":"CVE-2015-3165","description":"Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.","state":"PUBLISHED","assigner":"redhat","published_at":"2015-05-28 14:59:06","updated_at":"2026-05-06 22:30:45"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://support.apple.com/HT205219","name":"https://support.apple.com/HT205219","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About the security content of OS X Server v5.0.3 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1196.html","name":"http://rhn.redhat.com/errata/RHSA-2015-1196.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"500"},{"url":"http://www.postgresql.org/docs/9.4/static/release-9-4-2.html","name":"http://www.postgresql.org/docs/9.4/static/release-9-4-2.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"],"title":"PostgreSQL: Documentation: 9.4: Release 9.4.2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.postgresql.org/docs/9.3/static/release-9-3-7.html","name":"http://www.postgresql.org/docs/9.3/static/release-9-3-7.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"],"title":"PostgreSQL: Documentation: 9.3: Release 9.3.7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html","name":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"APPLE-SA-2015-09-16-4 OS X Server 5.0.3","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1194.html","name":"http://rhn.redhat.com/errata/RHSA-2015-1194.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"500"},{"url":"http://www.postgresql.org/docs/9.0/static/release-9-0-20.html","name":"http://www.postgresql.org/docs/9.0/static/release-9-0-20.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"],"title":"PostgreSQL: Documentation: 9.0: Release 9.0.20","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/74787","name":"http://www.securityfocus.com/bid/74787","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"PostgreSQL CVE-2015-3165 Remote Denial Of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.ubuntu.com/usn/USN-2621-1","name":"http://www.ubuntu.com/usn/USN-2621-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"USN-2621-1: PostgreSQL vulnerabilities | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.postgresql.org/about/news/1587/","name":"http://www.postgresql.org/about/news/1587/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"PostgreSQL: PostgreSQL 9.4.2, 9.3.7, 9.2.11, 9.1.16, and 9.0.20 released!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1195.html","name":"http://rhn.redhat.com/errata/RHSA-2015-1195.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.postgresql.org/docs/9.2/static/release-9-2-11.html","name":"http://www.postgresql.org/docs/9.2/static/release-9-2-11.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"],"title":"PostgreSQL: Documentation: 9.2: Release 9.2.11","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/201507-20","name":"https://security.gentoo.org/glsa/201507-20","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Gentoo Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.postgresql.org/docs/9.1/static/release-9-1-16.html","name":"http://www.postgresql.org/docs/9.1/static/release-9-1-16.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"],"title":"PostgreSQL: Documentation: 9.1: Release 9.1.16","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2015/dsa-3269","name":"http://www.debian.org/security/2015/dsa-3269","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-3269-1 postgresql-9.1","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2015/dsa-3270","name":"http://www.debian.org/security/2015/dsa-3270","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-3270-1 postgresql-9.4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2015-3165","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-3165","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x_server","cpe6":"5.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"15.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.1.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.2.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.3.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.3.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"9.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"3165","vulnerable":"1","versionEndIncluding":"9.0.19","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"postgresql","cpe5":"postgresql","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T05:39:31.273Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"74787","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/74787"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.postgresql.org/about/news/1587/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.postgresql.org/docs/9.0/static/release-9-0-20.html"},{"name":"USN-2621-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-2621-1"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.postgresql.org/docs/9.4/static/release-9-4-2.html"},{"name":"RHSA-2015:1195","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1195.html"},{"name":"DSA-3269","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2015/dsa-3269"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.postgresql.org/docs/9.2/static/release-9-2-11.html"},{"name":"GLSA-201507-20","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"https://security.gentoo.org/glsa/201507-20"},{"name":"RHSA-2015:1194","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1194.html"},{"name":"DSA-3270","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2015/dsa-3270"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.postgresql.org/docs/9.1/static/release-9-1-16.html"},{"name":"APPLE-SA-2015-09-16-4","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.postgresql.org/docs/9.3/static/release-9-3-7.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.apple.com/HT205219"},{"name":"RHSA-2015:1196","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1196.html"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2015-05-22T00:00:00.000Z","descriptions":[{"lang":"en","value":"Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-01-04T19:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"74787","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/74787"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.postgresql.org/about/news/1587/"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.postgresql.org/docs/9.0/static/release-9-0-20.html"},{"name":"USN-2621-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-2621-1"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.postgresql.org/docs/9.4/static/release-9-4-2.html"},{"name":"RHSA-2015:1195","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1195.html"},{"name":"DSA-3269","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2015/dsa-3269"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.postgresql.org/docs/9.2/static/release-9-2-11.html"},{"name":"GLSA-201507-20","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"https://security.gentoo.org/glsa/201507-20"},{"name":"RHSA-2015:1194","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1194.html"},{"name":"DSA-3270","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2015/dsa-3270"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.postgresql.org/docs/9.1/static/release-9-1-16.html"},{"name":"APPLE-SA-2015-09-16-4","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.postgresql.org/docs/9.3/static/release-9-3-7.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://support.apple.com/HT205219"},{"name":"RHSA-2015:1196","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1196.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2015-3165","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"74787","refsource":"BID","url":"http://www.securityfocus.com/bid/74787"},{"name":"http://www.postgresql.org/about/news/1587/","refsource":"CONFIRM","url":"http://www.postgresql.org/about/news/1587/"},{"name":"http://www.postgresql.org/docs/9.0/static/release-9-0-20.html","refsource":"CONFIRM","url":"http://www.postgresql.org/docs/9.0/static/release-9-0-20.html"},{"name":"USN-2621-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/USN-2621-1"},{"name":"http://www.postgresql.org/docs/9.4/static/release-9-4-2.html","refsource":"CONFIRM","url":"http://www.postgresql.org/docs/9.4/static/release-9-4-2.html"},{"name":"RHSA-2015:1195","refsource":"REDHAT","url":"http://rhn.redhat.com/errata/RHSA-2015-1195.html"},{"name":"DSA-3269","refsource":"DEBIAN","url":"http://www.debian.org/security/2015/dsa-3269"},{"name":"http://www.postgresql.org/docs/9.2/static/release-9-2-11.html","refsource":"CONFIRM","url":"http://www.postgresql.org/docs/9.2/static/release-9-2-11.html"},{"name":"GLSA-201507-20","refsource":"GENTOO","url":"https://security.gentoo.org/glsa/201507-20"},{"name":"RHSA-2015:1194","refsource":"REDHAT","url":"http://rhn.redhat.com/errata/RHSA-2015-1194.html"},{"name":"DSA-3270","refsource":"DEBIAN","url":"http://www.debian.org/security/2015/dsa-3270"},{"name":"http://www.postgresql.org/docs/9.1/static/release-9-1-16.html","refsource":"CONFIRM","url":"http://www.postgresql.org/docs/9.1/static/release-9-1-16.html"},{"name":"APPLE-SA-2015-09-16-4","refsource":"APPLE","url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"},{"name":"http://www.postgresql.org/docs/9.3/static/release-9-3-7.html","refsource":"CONFIRM","url":"http://www.postgresql.org/docs/9.3/static/release-9-3-7.html"},{"name":"https://support.apple.com/HT205219","refsource":"CONFIRM","url":"https://support.apple.com/HT205219"},{"name":"RHSA-2015:1196","refsource":"REDHAT","url":"http://rhn.redhat.com/errata/RHSA-2015-1196.html"}]}}}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2015-3165","datePublished":"2015-05-28T14:00:00.000Z","dateReserved":"2015-04-10T00:00:00.000Z","dateUpdated":"2024-08-06T05:39:31.273Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2015-05-28 14:59:06","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","matchCriteriaId":"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","matchCriteriaId":"49A63F39-30BE-443F-AF10-6245587D3359"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","matchCriteriaId":"F38D3B7E-8429-473F-BB31-FC3583EE5A5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x_server:5.0.2:*:*:*:*:*:*:*","matchCriteriaId":"8294E6EF-5FA4-47F1-BAB4-2F1E55731206"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*","versionEndIncluding":"9.0.19","matchCriteriaId":"3D5A2803-BDCB-4AE4-AA05-5ADA3854DEE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*","matchCriteriaId":"4796DBEC-FF4F-4749-90D5-AD83D8B5E086"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*","matchCriteriaId":"79108278-D644-4506-BD9C-F464C6E817B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*","matchCriteriaId":"10CF0AA0-41CD-4D50-BA7A-BF8846115C95"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*","matchCriteriaId":"965E1A9D-BB23-4C0B-A9CA-54A1855055B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*","matchCriteriaId":"A1F37C66-0AFE-4D59-8867-BDBCE656774E"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*","matchCriteriaId":"5CE53AE6-232C-4068-98D1-7749007C3CFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*","matchCriteriaId":"FFD38139-FD17-41E7-8D10-7731D8203CFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*","matchCriteriaId":"CCC0B41F-38FF-4D41-9E31-D666A84BB2FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*","matchCriteriaId":"A591CB08-5CEB-45EB-876F-417DCD60AF53"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.9:*:*:*:*:*:*:*","matchCriteriaId":"E0B79735-4CF5-4038-9FC4-12A58790B15A"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.10:*:*:*:*:*:*:*","matchCriteriaId":"0A74DAF9-516D-44BC-B09A-73395EF72873"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.11:*:*:*:*:*:*:*","matchCriteriaId":"B58318BE-FB71-4183-A1F4-5FD207885A89"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.12:*:*:*:*:*:*:*","matchCriteriaId":"1D931436-34EB-4C42-8F2B-713662DF6627"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.13:*:*:*:*:*:*:*","matchCriteriaId":"3F2289C7-7E77-41E7-94A6-44B1F9F17CB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.14:*:*:*:*:*:*:*","matchCriteriaId":"A9DDEEEC-492D-4F45-B009-3642887843BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.1.15:*:*:*:*:*:*:*","matchCriteriaId":"7F676407-46E1-4737-9162-0E6AB1D3E8AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*","matchCriteriaId":"AD27648F-E2FF-4779-97F9-2632DCC6B16D"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*","matchCriteriaId":"CEFB4916-8B59-4534-804C-CF9DA1B18508"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*","matchCriteriaId":"3413A3AB-45A3-48E1-9B30-1194C4E7D49D"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*","matchCriteriaId":"5760CE83-4802-42A0-9338-E1E634882450"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*","matchCriteriaId":"6B41009E-4028-4D82-B8D0-8B949EDC0A68"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*","matchCriteriaId":"832F3EBE-A92C-4FB3-BF3C-0E7B750F966B"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*","matchCriteriaId":"1571EE80-55A6-4F91-909B-C46BA19EC76F"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.7:*:*:*:*:*:*:*","matchCriteriaId":"2848E3BC-293A-4A75-BEB7-C2F1637AD3E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.8:*:*:*:*:*:*:*","matchCriteriaId":"ADC9133E-94FC-4199-BD69-BBB46CF3799F"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.9:*:*:*:*:*:*:*","matchCriteriaId":"200172CE-40AB-49E3-93D1-9947E3CBFFF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.2.10:*:*:*:*:*:*:*","matchCriteriaId":"E90B21A9-19A7-4DCB-A2FE-C558CCB6BBB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*","matchCriteriaId":"5B890251-95EB-44F3-A6A7-F718F3C807B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*","matchCriteriaId":"D2E5BD02-8C3D-4687-88DE-1C00366270E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*","matchCriteriaId":"709F5DF9-9F3A-42C3-890B-521B13118C0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*","matchCriteriaId":"14D85A34-C897-4E52-8F97-18CA51C5461A"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*","matchCriteriaId":"A40DAD2B-A6D4-43D8-B282-A3C672356D6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*","matchCriteriaId":"FC2FE391-9414-480E-A9B1-CF70280E315E"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*","matchCriteriaId":"55B6A4ED-FA3B-4251-BF82-755F95277CF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.4.0:*:*:*:*:*:*:*","matchCriteriaId":"F56BE7CE-E2B6-4089-88CC-5F28FAC602AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*","matchCriteriaId":"8A587AF3-5E70-4455-8621-DFD048207DE2"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2015","CveId":"3165","Ordinal":"1","Title":"CVE-2015-3165","CVE":"CVE-2015-3165","Year":"2015"},"notes":[{"CveYear":"2015","CveId":"3165","Ordinal":"1","NoteData":"Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.","Type":"Description","Title":"CVE-2015-3165"},{"CveYear":"2015","CveId":"3165","Ordinal":"2","NoteData":"2015-05-28","Type":"Other","Title":"Published"},{"CveYear":"2015","CveId":"3165","Ordinal":"3","NoteData":"2018-01-04","Type":"Other","Title":"Modified"}]}}}