6 matches found
Fedora: Security Advisory for mbedtls (FEDORA-2023-3c4a525dcc)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : mbedtls (openSUSE-SU-2022:10257-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10257-1 advisory. - An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer...
Security update for mbedtls (important)
openSUSE Security Update: Security update for mbedtls Announcement ID: openSUSE-SU-2022:10257-1 Rating: important References: 1206576 Cross-References: CVE-2022-46393 CVSS scores: CVE-2022-46393 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-46393 SUSE: 9.8...
CVE-2022-46393
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLSSSLDTLSCONNECTIONID is enabled and MBEDTLSSSLCIDINLENMAX 2 MBEDTLSSSLCIDOUTLENMAX...
CVE-2022-46393
CVE-2022-46393 affects MBEDTLS DTLS in MBEDTLS_SSL_DTLS_CONNECTION_ID when MBEDTLS_SSL_CID_IN_LEN_MAX > 2 × MBEDTLS_SSL_CID_OUT_LEN_MAX. This can cause a heap-based buffer overflow or over-read. Public detail: vulnerable in MBed TLS < 2.28.2 and
CVE-2022-46393
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLSSSLDTLSCONNECTIONID is enabled and MBEDTLSSSLCIDINLENMAX 2 MBEDTLSSSLCIDOUTLENMAX...