Vulnerabilities > Polarssl > Polarssl
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-02-08 | CVE-2013-1621 | Improper Input Validation vulnerability in Polarssl Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169. | 4.3 |
2012-06-20 | CVE-2011-1923 | Cryptographic Issues vulnerability in Polarssl The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL before 0.14.2 does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-5095. | 4.0 |