EUVD-2024-41337

Malicious code in bioql PyPI...

CBL Mariner 2.0 Security Update: hvloader (CVE-2024-45157)

The version of hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45157 advisory. - An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorit...

CVE-2024-45157

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLSPSAHMACDRBGMDTYPE does not cause the PSA subsystem to use HMACDRBG: it uses HMACDRBG only when MBEDTLSPSACRYPTOEXTERNALRNG and...

CVE-2024-45157

CVE-2024-45157 affects Mbed TLS releases prior to 2.28.9 and 3.x prior to 3.6.1, where the user-selected algorithm is not honored. Specifically, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not switch PSA to HMAC_DRBG; HMAC_DRBG is used only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRB...

CVE-2024-45157

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLSPSAHMACDRBGMDTYPE does not cause the PSA subsystem to use HMACDRBG: it uses HMACDRBG only when MBEDTLSPSACRYPTOEXTERNALRNG and...