VulnerableCode Package Details - pkg:alpm/archlinux/mbedtls@2.6.0-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-kk1q-u5b2-aaae Aliases: CVE-2018-0488	ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session.	2.7.0-1 Affected by 0 other vulnerabilities.
VCID-krrf-1uy1-aaam Aliases: CVE-2018-0487	ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.	2.7.0-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-kk1q-u5b2-aaae
Aliases:
CVE-2018-0488

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session.

2.7.0-1
Affected by 0 other vulnerabilities.

VCID-krrf-1uy1-aaam
Aliases:
CVE-2018-0487

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.

2.7.0-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:04.507122+00:00	Arch Linux Importer	Affected by	VCID-krrf-1uy1-aaam	https://security.archlinux.org/AVG-617	36.0.0
2025-03-28T07:46:04.486495+00:00	Arch Linux Importer	Affected by	VCID-kk1q-u5b2-aaae	https://security.archlinux.org/AVG-617	36.0.0
2024-09-18T02:01:08.898053+00:00	Arch Linux Importer	Affected by	VCID-krrf-1uy1-aaam	https://security.archlinux.org/AVG-617	34.0.1
2024-09-18T02:01:08.871415+00:00	Arch Linux Importer	Affected by	VCID-kk1q-u5b2-aaae	https://security.archlinux.org/AVG-617	34.0.1
2024-01-24T11:41:55.526218+00:00	Arch Linux Importer	Affected by	VCID-krrf-1uy1-aaam	https://security.archlinux.org/AVG-617	34.0.0rc2
2024-01-24T11:41:55.504339+00:00	Arch Linux Importer	Affected by	VCID-kk1q-u5b2-aaae	https://security.archlinux.org/AVG-617	34.0.0rc2
2024-01-03T22:27:24.552465+00:00	Arch Linux Importer	Affected by	VCID-krrf-1uy1-aaam	https://security.archlinux.org/AVG-617	34.0.0rc1
2024-01-03T22:27:24.525388+00:00	Arch Linux Importer	Affected by	VCID-kk1q-u5b2-aaae	https://security.archlinux.org/AVG-617	34.0.0rc1