VulnerableCode Package Details - pkg:deb/ubuntu/polarssl@1.3.1-2

Search for packages

Package details: pkg:deb/ubuntu/polarssl@1.3.1-2

Essentials
History (0)

purl	pkg:deb/ubuntu/polarssl@1.3.1-2

Next non-vulnerable version	1.3.4-1
Latest non-vulnerable version	1.3.4-1
Risk	3.4

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-2jnv-7ctk-aaaf Aliases: CVE-2012-2130	A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.	1.3.4-1 Affected by 0 other vulnerabilities.
VCID-m3cu-eht1-aaae Aliases: CVE-2013-5915	The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA private keys.	1.3.4-1 Affected by 0 other vulnerabilities.
VCID-xjeb-8cha-aaac Aliases: CVE-2013-1621	Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169.	1.3.4-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version