5 matches found
PT-2026-29578
Name of the Vulnerable Software and Affected Versions Mbed TLS versions 3.3.0 through 3.6.5 and version 4.0.0 Description The Mbed TLS software contains a flaw related to Algorithm Downgrade. Recommendations Update to a version later than 3.6.5. Update to a version later than 4.0.0...
CVE-2025-59438
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy...
PT-2024-14545 · Mbed Tls +1 · Mbed Tls +1
Name of the Vulnerable Software and Affected Versions: Mbed TLS versions through 3.5.1 Description: An issue was discovered in the mbedtls ssl session reset function, where the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes t...
SUSE CVE-2021-44732
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtlssslsetsession failure...
PT-2021-6586 · Arm +2 · Arm Mbed Tls +2
Name of the Vulnerable Software and Affected Versions: Arm Mbed TLS versions prior to 2.24.0 Description: An issue in Arm Mbed TLS allows an attacker to recover a private key via a side-channel attack against generation of base blinding/unblinding values, potentially affecting RSA or static...