CVE

CVE-2021-43666

Severity:
HIGH
Type:
Unavailable / Other
Publication date:
24/03/2022
Last modified:
20/07/2023

Description

A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:* 3.0.0 (including)
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*


botón arriba