3 matches found
JLSEC-2025-187 Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware ...
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
The vulnerability of the mbedtls_asn1_store_named_data function in Mbed TLS software allows a attacker to execute arbitrary code.
The vulnerability of the mbedtlsasn1storenameddata function in Mbed TLS is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...
CVE-2020-10941
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information an RSA private key by measuring cache usage during an import...