Your submission was sent successfully! Close

CVE-2021-43666

Published: 24 March 2022

A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
mbedtls
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

impish Needs triage

jammy Needs triage

trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)