<entry id="CVE-2015-5237">
<cpe-lang:logical-test operator="OR" negate="false"/>
</vuln:vulnerable-configuration>
<vuln:cve-id>CVE-2015-5237</vuln:cve-id>
<vuln:published-datetime>2017-09-25T13:29:00.397-04:00</vuln:published-datetime>
<vuln:last-modified-datetime>2018-02-13T13:33:51.727-05:00</vuln:last-modified-datetime>
<vuln:cvss>
<cvss:base_metrics>
<cvss:score>6.5</cvss:score>
<cvss:access-vector>NETWORK</cvss:access-vector>
<cvss:access-complexity>LOW</cvss:access-complexity>
<cvss:authentication>SINGLE_INSTANCE</cvss:authentication>
<cvss:confidentiality-impact>PARTIAL</cvss:confidentiality-impact>
<cvss:integrity-impact>PARTIAL</cvss:integrity-impact>
<cvss:availability-impact>PARTIAL</cvss:availability-impact>
<cvss:generated-on-datetime>2018-02-13T13:15:34.710-05:00</cvss:generated-on-datetime>
</cvss:base_metrics>
</vuln:cvss>
<vuln:cwe id="CWE-119"/>
<vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
<vuln:source>MLIST</vuln:source>
</vuln:references>
<vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
<vuln:source>CONFIRM</vuln:source>
</vuln:references>
<vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
<vuln:source>CONFIRM</vuln:source>
</vuln:references>
<vuln:summary>protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.</vuln:summary>
</entry>