Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the mbedtlspemreadbuffer, mbedtlspkparse and mbedtlspkparsekeyfile functions when processing untrusted PEM input. An attacker can cause a one-byte heap-based buffer underflow by supplying specially crafted PEM data...