Your submission was sent successfully! Close

CVE-2012-2130

Published: 6 December 2019

A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.

Priority

Medium

CVSS 3 base score: 7.4

Status

Package Release Status
mbedtls
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream Needs triage

wily Does not exist

xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable

polarssl
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needs-triage)
trusty Does not exist
(trusty was not-affected [1.3.4-1])
upstream
Released (1.1.2-1)
vivid Not vulnerable

wily Not vulnerable

xenial Does not exist

yakkety Does not exist

zesty Does not exist

Patches:
upstream: https://tls.mbed.org/tech-updates/security-advisories/polarssl-security-advisory-2012-01