Search for packages
| purl | pkg:deb/debian/polarssl@1.2.9-1~deb7u6 |
| Next non-vulnerable version | 1.3.9-2.1+deb8u3 |
| Latest non-vulnerable version | 1.3.9-2.1+deb8u3 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1s12-4sah-bfg8
Aliases: CVE-2018-0487 |
ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. |
Affected by 0 other vulnerabilities. |
|
VCID-3yq1-tg2q-h7b6
Aliases: CVE-2018-0488 |
ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session. |
Affected by 0 other vulnerabilities. |
|
VCID-7abk-y53u-m3h6
Aliases: CVE-2015-8036 |
security update |
Affected by 0 other vulnerabilities. |
|
VCID-ugjd-7wwh-s7gm
Aliases: CVE-2015-5291 |
security update |
Affected by 0 other vulnerabilities. |
|
VCID-za15-an9s-gyby
Aliases: CVE-2017-18187 |
In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-34sw-qp3p-g7hf | security update |
CVE-2014-4911
|
| VCID-7abk-y53u-m3h6 | security update |
CVE-2015-8036
|
| VCID-94c4-14x4-4fg7 | several |
CVE-2013-5915
|
| VCID-hb9g-srk2-8bd5 | security update |
CVE-2014-8628
|
| VCID-j1np-b4mc-eqhs | several |
CVE-2013-4623
|
| VCID-se76-tkwu-nqcb | several |
CVE-2013-5914
|
| VCID-ssne-3v63-aqgy | security update |
CVE-2015-1182
|
| VCID-ugjd-7wwh-s7gm | security update |
CVE-2015-5291
|