2022-03-24 00:00:00
mitre
PUBLISHED
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input passwords length is 0.