JLSEC-2025-211 An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS)

An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...

CBL Mariner 2.0 Security Update: hvloader (CVE-2024-23170)

The version of hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23170 advisory. - An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channe...