8 matches found
JLSEC-2025-227 Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted ...
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtlssslsethostname...
EUVD-2025-8055
Malicious code in bioql PyPI...
CVE-2025-27809
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtlssslsethostname...
DEBIAN-CVE-2025-27809
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtlssslsethostname...
UBUNTU-CVE-2025-27809
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtlssslsethostname...
Mbed TLS 安全漏洞
Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions prior to 2.28.10 and 3.x versions prior to 3.6.3, which stems from a client accepting trusted certificates for arbitrary hostnames...
CVE-2025-27809
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtlssslsethostname...
CVE-2025-27809
MBed TLS vulnerability CVE-2025-27809 affects client-side TLS: versions before 2.28.10 and 3.x before 3.6.3 accept servers with trusted certificates for arbitrary hostnames unless the TLS client calls mbedtls_ssl_set_hostname. This can enable hostname validation bypass on affected clients. Connec...