4 matches found
CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
Linux Distros Unpatched Vulnerability : CVE-2020-36478
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS before 2.25.0 and before 2.16.9 LTS and before 2.7.18 LTS. A NULL algorithm parameters entry looks identical to an array of...
Linux Distros Unpatched Vulnerability : CVE-2025-52497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemreadbuffer and two mbedtlspkparse functions, via untrusted PEM input...
SUSE CVE-2018-0497
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...