Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Polarssl
(Polarssl)Repositories | https://github.com/polarssl/polarssl |
#Vulnerabilities | 15 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2014-11-24 | CVE-2014-8627 | PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors. | Polarssl | N/A | ||
2015-08-24 | CVE-2014-8628 | Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted X.509 certificates. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2014-9744 for the ClientHello message issue. | Polarssl | N/A |