3 matches found
CVE-2024-28755
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtlssslsessionreset API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing any TLS 1.3 connection,...
CVE-2024-28755
An issue in Mbed TLS 3.5.x before 3.6.0: when an SSL context is reset via mbedtls_ssl_session_reset(), the maximum TLS version to negotiate is not restored to the configured value. This can allow an attacker to prevent a server from establishing any TLS 1.3 connections, potentially causing a Deni...
CVE-2024-28755
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtlssslsessionreset API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing any TLS 1.3 connection,...