Known Vulnerabilities for products from Polarssl
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Polarssl".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2015-8036 json | Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL ser... | 6.8 - MEDIUM | 2015-11-02 | 2019-06-19 |
| CVE-2015-5291 json | Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x bef... | 6.8 - MEDIUM | 2015-11-02 | 2019-06-19 |
| CVE-2015-1182 json | The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not prop... | 7.5 - HIGH | 2015-01-27 | 2018-10-30 |
| CVE-2014-9744 json | Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large nu... | 7.8 - HIGH | 2015-08-24 | 2018-10-30 |
| CVE-2014-8628 json | Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows remote attackers to cause a denial of service (memory con... | 7.8 - HIGH | 2015-08-24 | 2023-11-07 |
| CVE-2014-8627 json | PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade... | 5 - MEDIUM | 2014-11-24 | 2023-11-07 |
| CVE-2014-4911 json | The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to... | 5 - MEDIUM | 2014-07-22 | 2015-12-04 |
| CVE-2013-5915 json | The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow re... | 4.3 - MEDIUM | 2013-10-04 | 2013-10-31 |
| CVE-2013-5914 json | Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL before 1.1.8, when using TLS 1.1, might allow remote... | 6.8 - MEDIUM | 2013-10-26 | 2013-10-28 |
| CVE-2013-4623 json | The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificat... | 4.3 - MEDIUM | 2013-09-30 | 2013-10-31 |
| CVE-2013-1621 json | Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via ve... | 4.3 - MEDIUM | 2013-02-08 | 2013-03-08 |
| CVE-2013-0169 json | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do... | 2.6 - LOW | 2013-02-08 | 2023-05-12 |
| CVE-2012-2130 json | A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diff... | 7.4 - HIGH | 2019-12-06 | 2019-12-18 |
| CVE-2011-4574 json | PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, this uses timing information... | 9.8 - CRITICAL | 2021-10-27 | 2021-10-28 |
| CVE-2011-1923 json | The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL before 0.14.2 does not properly validate a public paramet... | 4 - MEDIUM | 2012-06-20 | 2013-10-24 |
Known software with vulnerabilities from Polarssl
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Polarssl | Polarssl | 0.10.0 |