CVE-2018-9988

Опубликовано: 10 апр. 2018

Источник: ubuntu

Приоритет: low

CVSS2: 5

CVSS3: 7.5

Описание

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	2.8.0-1
cosmic	ignored	end of life
devel	not-affected	2.8.0-1
disco	not-affected	2.8.0-1
eoan	not-affected	2.8.0-1
esm-apps/bionic	not-affected	2.8.0-1
esm-apps/focal	not-affected	2.8.0-1
esm-apps/jammy	not-affected	2.8.0-1
esm-apps/noble	not-affected	2.8.0-1

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
eoan	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal	DNE
focal	DNE
groovy	DNE

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2018-9988

CVSS3: 7.5

nvd

почти 8 лет назад

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.

CVE-2018-9988

CVSS3: 7.5

debian

почти 8 лет назад

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffe ...

GHSA-h9j8-4v77-hmr3

CVSS3: 7.5

github

больше 3 лет назад

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2018-9988

Описание

Пакет mbedtls

Пакет polarssl

Ссылки на источники

Связанные уязвимости