Lucene search
K

1363 matches found

osv
osv
added 2026/05/07 4:17 p.m.11 views

JLSEC-2026-463 Mbed TLS timing side channel in RSA and CBC/ECB decryption

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.1CVSS5.8AI score0.0027EPSS
Exploits0References4
osv
osv
added 2026/05/07 4:17 p.m.7 views

JLSEC-2026-467 Mbed TLS serialized session data is not cryptographically protected

An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code execution. This is cause...

9.8CVSS6AI score0.00426EPSS
Exploits0References2
osv
osv
added 2026/05/07 4:17 p.m.6 views

JLSEC-2026-466 Mbed TLS peer can force the FFDH shared secret into a small set of values

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

9.1CVSS5.8AI score0.00204EPSS
Exploits0References6
osv
osv
added 2026/05/07 4:17 p.m.6 views

JLSEC-2026-464 Mbed TLS might use cloned PSA random generator states

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator PRNG...

7.7CVSS5.8AI score0.0017EPSS
Exploits0References2
osv
osv
added 2026/05/07 4:17 p.m.10 views

JLSEC-2026-465 Mbed TLS may use a low entropy PRNG seed

An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator PRNG...

6.7CVSS5.8AI score0.00192EPSS
Exploits0References6
osv
osv
added 2026/05/04 1:12 p.m.6 views

JLSEC-2026-417 libcurl did not check the server certificate of TLS connections done to a host specified as an IP...

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

6.5CVSS7.3AI score0.01299EPSS
Exploits1References15
nessus
nessus
added 2026/04/11 12:0 a.m.7 views

FreeBSD : Mbed TLS -- vulnerabilities (d77bd2f5-34f0-11f1-bc6d-3c7c3fba4204)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d77bd2f5-34f0-11f1-bc6d-3c7c3fba4204 advisory. https://mbed-tls.readthedocs.io/en/latest/security-advisories/ reports: Tenable has extracted...

9.8CVSS5.9AI score0.00426EPSS
Exploits0References13
fedora
fedora
added 2026/04/10 1:1 a.m.6 views

[SECURITY] Fedora 43 Update: mbedtls-3.6.6-1.fc43

Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their embedded applications with as little hassle as possible...

9.1CVSS5.9AI score0.00308EPSS
Exploits0
nessus
nessus
added 2026/04/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-66442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature...

5.1CVSS5.8AI score0.0027EPSS
Exploits0References3
nessus
nessus
added 2026/04/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-34877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures...

9.8CVSS6.1AI score0.00426EPSS
Exploits0References3
susecve
susecve
added 2026/04/03 11:26 p.m.6 views

SUSE CVE-2026-25833

Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509inetptonipv6 function...

7.5CVSS6.1AI score0.00308EPSS
Exploits0References8
susecve
susecve
added 2026/04/03 11:26 p.m.7 views

SUSE CVE-2026-25834

Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...

6.5CVSS5.7AI score0.00135EPSS
Exploits0References8
susecve
susecve
added 2026/04/03 11:26 p.m.6 views

SUSE CVE-2026-25835

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator PRNG...

7.7CVSS5.8AI score0.0017EPSS
Exploits0References8
susecve
susecve
added 2026/04/03 11:24 p.m.9 views

SUSE CVE-2026-34871

An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator PRNG...

6.7CVSS5.8AI score0.00192EPSS
Exploits0References3
susecve
susecve
added 2026/04/03 11:24 p.m.13 views

SUSE CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

9.1CVSS5.8AI score0.00204EPSS
Exploits0References3
susecve
susecve
added 2026/04/03 11:24 p.m.12 views

SUSE CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.8AI score0.00241EPSS
Exploits0References3
susecve
susecve
added 2026/04/03 11:24 p.m.11 views

SUSE CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References7
susecve
susecve
added 2026/04/03 11:24 p.m.15 views

SUSE CVE-2026-34875

An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...

9.8CVSS6AI score0.00366EPSS
Exploits0References3
susecve
susecve
added 2026/04/03 11:24 p.m.11 views

SUSE CVE-2026-34876

An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtlsccmfinish in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized taglen parameter. This is caused by missing validation of t...

7.5CVSS5.8AI score0.0039EPSS
Exploits0References3
susecve
susecve
added 2026/04/03 11:24 p.m.10 views

SUSE CVE-2026-34877

An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code execution. This is cause...

9.8CVSS6AI score0.00426EPSS
Exploits0References3
Rows per page
Query Builder