Linux Distros Unpatched Vulnerability : CVE-2026-34877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures...

CVE-2026-34876

An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtlsccmfinish in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized taglen parameter. This is caused by missing validation of t...

CVE-2026-34877

An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code execution. This is cause...

DEBIAN-CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

ALPINE-CVE-2026-25835

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator PRNG...

EUVD-2026-17967

Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...

CVE-2026-34872

In Mbed TLS versions 3.5.x and 3.6.x up to 3.6.5, and TF-PSA-Crypto 1.0, there is a fault in finite-field Diffie-Hellman (FFDH) due to improper input validation that results in a lack of contributory behavior. The peer can force the shared secret into a small set of values, which matters for prot...

Mbed TLS 安全漏洞

Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed TLS. Mbed TLS versions 3.6.5 and earlier, as well as TF-PSA-Crypto version 1.0.0, have security vulnerabilities. These vulnerabilities stem from a buffer overflow issue during the export of the...

CVE-2026-25834

Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...

PT-2026-29611

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

JLSEC-2025-213 An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS)

An issue was discovered in Mbed TLS before 2.25.0 and before 2.16.9 LTS and before 2.7.18 LTS. A NULL algorithm parameters entry looks identical to an array of REAL size zero and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate...

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

...

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.

...

Linux Distros Unpatched Vulnerability : CVE-2024-45159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided...

Linux Distros Unpatched Vulnerability : CVE-2020-36424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key for RSA or static Diffie-Hellman via a side-channel attack against...

Linux Distros Unpatched Vulnerability : CVE-2024-28836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of t...

Linux Distros Unpatched Vulnerability : CVE-2021-45450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer i...

Linux Distros Unpatched Vulnerability : CVE-2020-36475

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS before 2.25.0 and before 2.16.9 LTS and before 2.7.18 LTS. The calculations performed by mbedtlsmpiexpmod are not limited;...

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions prior to 2.28.10 and 3.x versions prior to 3.6.3, which stems from a client accepting trusted certificates for arbitrary hostnames...

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library. A security vulnerability exists in Mbed TLS versions prior to 3.6.0, which stems from the fact that if TLS 1.2 is disabled at build time, a TLS 1.2 client may cause a denial of service by placing a server that...