CVE-2020-36426

July 29, 2021

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).

Summary:

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).

Reference Links(if available):

  • https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8
  • https://github.com/ARMmbed/mbedtls/releases/tag/v2.24.0
  • https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.17
  • https://bugs.gentoo.org/740108

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • You may have missed

    CISA Logo

    CISA: CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations

    November 10, 2024
    CISA Logo

    CISA: CISA Releases Twenty-One Industrial Control Systems Advisories

    November 10, 2024
    CISA Logo

    CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

    November 10, 2024
    CISA Logo

    CISA: Avoid Scams After Disaster Strikes

    November 10, 2024
    CISA Logo

    CISA: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

    November 10, 2024