Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Polarssl
(Polarssl)Repositories | https://github.com/polarssl/polarssl |
#Vulnerabilities | 15 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2013-10-26 | CVE-2013-5914 | Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL before 1.1.8, when using TLS 1.1, might allow remote attackers to execute arbitrary code via a long packet. | Polarssl | N/A | ||
2013-09-30 | CVE-2013-4623 | The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certificate message that contains a PEM encoded certificate. | Polarssl | N/A | ||
2013-02-08 | CVE-2013-1621 | Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169. | Polarssl | N/A | ||
2012-06-20 | CVE-2011-1923 | The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL before 0.14.2 does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-5095. | Polarssl | N/A |