Multiple security issues have been discovered in PolarSSL, a lightweight crypto and SSL/TLS library: CVE-2013-4623 Jack Lloyd discovered a denial of service vulnerability in the parsing of PEM-encoded certificates. CVE-2013-5914 Paul Brodeur and TrustInSoft discovered a buffer overflow in the ssl_read_record function, allowing the potential execution of arbitrary code. CVE-2013-5915 Cyril Arnaud and Pierre-Alain Fouque discovered timimg attacks against the RSA implementation.