3 matches found
CVE-2025-59438
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy...
PT-2024-14545 · Mbed Tls +1 · Mbed Tls +1
Name of the Vulnerable Software and Affected Versions: Mbed TLS versions through 3.5.1 Description: An issue was discovered in the mbedtls ssl session reset function, where the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes t...
PT-2021-6586 · Arm +2 · Arm Mbed Tls +2
Name of the Vulnerable Software and Affected Versions: Arm Mbed TLS versions prior to 2.24.0 Description: An issue in Arm Mbed TLS allows an attacker to recover a private key via a side-channel attack against generation of base blinding/unblinding values, potentially affecting RSA or static...