vulnerability
Debian: CVE-2018-0498: mbedtls -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:M/Au:N/C:P/I:N/A:N) | Jul 28, 2018 | Sep 18, 2018 | Jul 7, 2020 |
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
Jul 28, 2018
Added
Sep 18, 2018
Modified
Jul 7, 2020
Description
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.
Solution
debian-upgrade-mbedtls
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.