8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.3%
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password’s length is 0.
github.com/ARMmbed/mbedtls/issues/5136
lists.debian.org/debian-lts-announce/2022/12/msg00036.html