AZL-6376

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6376.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-6376

Upstream

CVE-2015-2987

Published

2015-08-28T15:59:00Z

Modified

2026-04-21T04:32:12.324670Z

Summary

CVE-2015-2987 affecting package ed for versions less than 1.14.2-9

Details

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

References

https://nvd.nist.gov/vuln/detail/CVE-2015-2987

Affected packages

Azure Linux:2 / ed

Package

Name: ed
Purl: pkg:rpm/azure-linux/ed

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-9

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6376.json"