Lucene search

[email protected]CVE-2023-43615

HistoryOct 07, 2023 - 1:15 a.m.

CVE-2023-43615

2023-10-0701:15:10

CWE-120

[email protected]

web.nvd.nist.gov

mbed tls

buffer overflow

cve-2023-43615

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%

JSON

Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.

Affected configurations

NVD

Node

armmbed_tlsRange2.0.0–2.28.5

armmbed_tlsRange3.0.0–3.5.0

Node

fedoraprojectfedoraMatch37

fedoraprojectfedoraMatch38

fedoraprojectfedoraMatch39

CPENameOperatorVersion
arm:mbed_tlsarm mbed tlslt2.28.5
arm:mbed_tlsarm mbed tlslt3.5.0

CPE	Name	Operator	Version
arm:mbed_tls	arm mbed tls	lt	2.28.5
arm:mbed_tls	arm mbed tls	lt	3.5.0

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDSHAANRULB57GVS5B3DZHXL5KCC7OWQ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGRB5MO2KUJKYPMGXMIZH2WRH6QR5UZS/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O7SB7L6A56QZALDTOZ6O4X7PTC4I647R/

mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%

JSON

Related for CVE-2023-43615

openvas3 ubuntucve1 nessus3 prion1 nvd1 debiancve1 veracode1 alpinelinux1 fedora3 osv1 cvelist1