suse · CVE-2015-8869

Quick triage

Priority: low Published: 2021-05-30 13:36:15 UTC Updated: 2025-11-05 04:38:24 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2015-8869 severity low: SUSE including 78 source package names (libguestfs-1.32.7-3.el7, libguestfs-bash-completion-1.32.7-3.el7, …), 111 product×package rows across 16 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Module for Development Tools 15, … (16 product lines)): Fixed 111.

Description:

OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.

cvelogic Threat Intelligence