Search for packages
| purl | pkg:alpm/archlinux/mbedtls@2.4.2-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-nxtq-auee-aaar | An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order to exploit this vulnerability, an attacker can act as either a client or a server on a network to deliver malicious x509 certificates to vulnerable applications. |
CVE-2017-2784
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:44:52.483559+00:00 | Arch Linux Importer | Fixing | VCID-nxtq-auee-aaar | https://security.archlinux.org/AVG-198 | 36.0.0 |
| 2024-09-18T01:59:52.935469+00:00 | Arch Linux Importer | Fixing | VCID-nxtq-auee-aaar | https://security.archlinux.org/AVG-198 | 34.0.1 |
| 2024-01-24T11:41:54.320940+00:00 | Arch Linux Importer | Fixing | VCID-nxtq-auee-aaar | https://security.archlinux.org/AVG-198 | 34.0.0rc2 |
| 2024-01-03T22:26:08.410287+00:00 | Arch Linux Importer | Fixing | VCID-nxtq-auee-aaar | https://security.archlinux.org/AVG-198 | 34.0.0rc1 |