Vulnerabilities > ARM > Mbed TLS > 1.3.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-13 | CVE-2018-0487 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. | 9.8 |
| 2017-04-20 | CVE-2017-2784 | Improper Certificate Validation vulnerability in ARM Mbed TLS An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. | 8.1 |