Vulners
Lucene search
An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.
| Reporter | Title | Published | Views | Family All 48 |
|---|---|---|---|---|
 | Astra Linux - уязвимость в mbedtls | 3 May 202623:59 | – | astralinux |
 | ARM mbed TLS 安全漏洞 | 23 Aug 202100:00 | – | cnnvd |
 | CVE-2020-36476 | 23 Aug 202100:00 | – | cve |
 | CVE-2020-36476 | 23 Aug 202100:00 | – | cvelist |
 | [SECURITY] [DLA 2826-1] mbedtls security update | 23 Nov 202113:36 | – | debian |
| [SECURITY] [DLA 3249-1] mbedtls security update | 25 Dec 202223:33 | – | debian |
 | CVE-2020-36476 | 23 Aug 202100:00 | – | debiancve |
 | Debian DLA-2826-1 : mbedtls - LTS security update | 23 Nov 202100:00 | – | nessus |
| Debian dla-3249 : libmbedcrypto3 - security update | 26 Dec 202200:00 | – | nessus |
| GLSA-202301-08 : Mbed TLS: Multiple Vulnerabilities | 11 Jan 202300:00 | – | nessus |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Sep 2025 02:31Current
7High risk
Vulners AI Score7
CVSS 25
CVSS 3.17.5
EPSS0.00679