Lucene search
K

7 matches found

OSV
OSV
added 2026/04/01 8:16 p.m.6 views

DEBIAN-CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

9.1CVSS5.3AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.5 views

Linaro Trusted Firmware-M 安全漏洞

Linaro Trusted Firmware-M Tf-M is a reference implementation of the Platform Security Architecture Psa IoT security framework from Linaro, UK. A security vulnerability exists in Linaro Trusted Firmware-M version 2.1.0, which stems from not validating user-supplied pointers to invec and outvec...

9.8CVSS6.8AI score0.00788EPSS
Exploits0References3
OSV
OSV
added 2024/09/05 7:15 p.m.5 views

UBUNTU-CVE-2024-45157

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLSPSAHMACDRBGMDTYPE does not cause the PSA subsystem to use HMACDRBG: it uses HMACDRBG only when MBEDTLSPSACRYPTOEXTERNALRNG and...

5.1CVSS5.8AI score0.00236EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/09/05 12:0 a.m.5 views

Trusted Firmware-M 安全漏洞

Linaro Trusted Firmware-M Tf-M is a reference implementation of the Platform Security Architecture Psa IoT security framework from Linaro, UK. A security vulnerability exists in Trusted Firmware-M version 2.0.0 and prior versions, which stems from a lack of parameter validation in the logging...

4.7CVSS6.6AI score0.00293EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/04/02 12:0 a.m.6 views

The vulnerability of the PSA Crypto application programming interface, as well as the Mbed TLS and Mbed Crypto software, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the PSA Crypto application programming interface and the Mbed TLS and Mbed Crypto software implementations is related to insufficient spatial partitioning. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

5.3CVSS6.6AI score0.0084EPSS
Exploits0References6Affected Software3
SUSE CVE
SUSE CVE
added 2024/03/30 2:57 a.m.2 views

SUSE CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

8.2CVSS7AI score0.0084EPSS
Exploits0References3
OSV
OSV
added 2024/03/29 6:15 a.m.1 views

DEBIAN-CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

8.2CVSS6.6AI score0.0084EPSS
Exploits0References1
Rows per page
Query Builder