CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2018-0498 – Ubuntu Security Notice USN-4267-1
https://notcve.org/view.php?id=CVE-2018-0498
28 Jul 2018 — ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. ARM mbed TLS en versiones anteriores a la 2.12.0, en versiones anteriores a la 2.7.5 y en versiones anteriores a la 2.1.14 permite a los usuarios locales lograr una recuperación parcial de texto plano (para un ciphersuite basado en CBC) mediante un ataque de canal lateral basado en caché. It was discovered that mbedtls has a... • https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000520
https://notcve.org/view.php?id=CVE-2018-1000520
26 Jun 2018 — ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be exploitable via Peers negotiate a TLS-ECDH-RSA-* ciphersuite. Any of the peers can then provide an ECDSA-signed certificate, when only an RSA-signed one should be accepted.. ARM mbedTLS, en versiones 2.7.0 y anteriores, contiene una vulnerab... • https://github.com/ARMmbed/mbedtls/issues/1561 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9988
https://notcve.org/view.php?id=CVE-2018-9988
10 Apr 2018 — ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input. ARM mbed TLS, en versiones anteriores a la 2.1.11, anteriores a la 2.7.2 y anteriores a la 2.8.0, tiene una sobrelectura de búfer en ssl_parse_server_key_exchange() que podría provocar un cierre inesperado o una entrada no válida. • https://github.com/ARMmbed/mbedtls/commit/027f84c69f4ef30c0693832a6c396ef19e563ca1 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9989
https://notcve.org/view.php?id=CVE-2018-9989
10 Apr 2018 — ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input. ARM mbed TLS, en versiones anteriores a la 2.1.11, anteriores a la 2.7.2 y anteriores a la 2.8.0, tiene una sobrelectura de búfer en ssl_parse_server_psk_hint() que podría provocar un cierre inesperado o una entrada no válida. • https://github.com/ARMmbed/mbedtls/commit/5224a7544c95552553e2e6be0b4a789956a6464e • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-18187 – Ubuntu Security Notice USN-4267-1
https://notcve.org/view.php?id=CVE-2017-18187
14 Feb 2018 — In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. En ARM mbed TLS, en versiones anteriores a la 2.7.0, hay una omisión de comprobación de límites mediante un desbordamiento de enteros en el análisis de identidad PSK en la función ssl_parse_client_psk_identity() en library/ssl_srv.c. It was discovered that mbedtls has a bounds-check bypass through an integer overflow that can b... • http://www.securityfocus.com/bid/103055 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 16%CPEs: 5EXPL: 0CVE-2018-0488 – Ubuntu Security Notice USN-4267-1
https://notcve.org/view.php?id=CVE-2018-0488
13 Feb 2018 — ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session. ARM mbed TLS, en versiones anteriores a la 1.3.22, a la 2.1.10 y a la 2.7.0, cuando se usan las extensiones truncadas HMAC y CBC, permite que atacantes remotos ejecuten código arbitrario o provoquen una denegación de servicio (corrupción d... • http://www.securityfocus.com/bid/103057 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 10%CPEs: 5EXPL: 0CVE-2018-0487 – Ubuntu Security Notice USN-4267-1
https://notcve.org/view.php?id=CVE-2018-0487
13 Feb 2018 — ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. ARM mbed TLS, en versiones anteriores a la 1.3.22, a la 2.1.10 y a la 2.7.0, permite que atacantes remotos ejecuten código arbitrario o provoquen una denegación de servicio (desbordamiento de búfer) mediante una cadena de certificado... • http://www.securityfocus.com/bid/103056 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 30EXPL: 0CVE-2017-14032 – Debian Security Advisory 3967-1
https://notcve.org/view.php?id=CVE-2017-14032
30 Aug 2017 — ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected. ARM mbed TLS en versiones anteriores a la 1.3.21 y en versiones 2.x anteriores a la 2.1.9, si se configura la autenticación opcional, permite a los atacantes omitir la autenticación Peer median... • http://www.debian.org/security/2017/dsa-3967 • CWE-287: Improper Authentication •
CVSS: 8.1EPSS: 2%CPEs: 10EXPL: 1CVE-2017-2784 – Gentoo Linux Security Advisory 201706-18
https://notcve.org/view.php?id=CVE-2017-2784
20 Apr 2017 — An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order to exploit this vulnerability, an attacker can act as either a client or a server on a network to deliver malicious x509 certificates to vulnerable applications. Existe un... • http://www.talosintelligence.com/reports/TALOS-2017-0274 • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 1%CPEs: 10EXPL: 0CVE-2015-5291 – Gentoo Linux Security Advisory 201706-18
https://notcve.org/view.php?id=CVE-2015-5291
02 Nov 2015 — Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue th... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170317.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •