VYPR
Unrated severityNVD Advisory· Published Aug 23, 2021· Updated Aug 4, 2024

CVE-2020-36478

CVE-2020-36478

Description

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Mbed TLS/Mbed TLSdescription
  • Arm/MbedTLSllm-fuzzy
    Range: <2.25.0, <2.16.9, <2.7.18

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.