CVE-2018-9988

🗓️ 10 Apr 2018 19:00:29Reported by [email protected]Type

ARM mbed TLS buffer over-read in ssl_parse_server_key_exchange can cause cras

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
Prion	Input validation	10 Apr 201819:29	–	prion
OSV	CVE-2018-9988	10 Apr 201819:29	–	osv
OSV	polarssl - security update	25 Sep 201800:00	–	osv
OSV	mbedtls - security update	23 Nov 202100:00	–	osv
UbuntuCve	CVE-2018-9988	10 Apr 201800:00	–	ubuntucve
Debian CVE	CVE-2018-9988	10 Apr 201819:29	–	debiancve
Cvelist	CVE-2018-9988	10 Apr 201819:00	–	cvelist
CVE	CVE-2018-9988	10 Apr 201819:29	–	cve
Tenable Nessus	openSUSE Security Update : mbedtls (openSUSE-2018-382)	23 Apr 201800:00	–	nessus
Tenable Nessus	Debian DLA-1518-1 : polarssl security update	27 Sep 201800:00	–	nessus

Nvd

Node

arm mbed_tlsRange<2.1.11

arm mbed_tlsRange2.7.0–2.7.2

arm mbed_tlsMatch2.8.0rc1

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Source	Link
github	www.github.com/ARMmbed/mbedtls/commit/a1098f81c252b317ad34ea978aea2bc47760b215
lists	www.lists.debian.org/debian-lts-announce/2021/11/msg00021.html
github	www.github.com/ARMmbed/mbedtls/commit/027f84c69f4ef30c0693832a6c396ef19e563ca1
lists	www.lists.debian.org/debian-lts-announce/2018/09/msg00029.html
tls	www.tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Apr 2018 19:29Current

7.6High risk

Vulners AI Score7.6

CVSS25

CVSS37.5

EPSS0.00564

CWE-125