Lucene search
+L

496 matches found

OSV
OSV
added 2026/07/10 5:16 p.m.2 views

DEBIAN-CVE-2026-54919

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built with CPPHTTPLIBMBEDTLSSUPPORT or CPPHTTPLIBWOLFSSLSUPPORT and a...

7.4CVSS6.9AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 5:16 p.m.7 views

CVE-2026-54919

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built with CPPHTTPLIBMBEDTLSSUPPORT or CPPHTTPLIBWOLFSSLSUPPORT and a...

7.4CVSS0.00264EPSS
Exploits0References3
CVE
CVE
added 2026/07/10 4:6 p.m.13 views

CVE-2026-54919

cpp-httplib on Mbed TLS and wolfSSL backends was vulnerable to a TLS certificate chain verification bypass for IP-literal hosts (affecting v0.31.0–0.46.1) when server verification was enabled; SSLClient/Client could skip chain validation and Mbed TLS WebSocketClient could skip verification. The i...

7.4CVSS6.9AI score0.00264EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.9 views

PT-2026-56844

Name of the Vulnerable Software and Affected Versions libmbedtls23 affected versions not specified libeverest affected versions not specified Description Security issues were identified and subsequently fixed in the libmbedtls23 and libeverest packages within the openSUSE Tumbleweed GA media...

6.1AI score
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.7 views

PT-2026-56849

Name of the Vulnerable Software and Affected Versions libmbedtls2 affected versions not specified libeverest affected versions not specified Description Security issues were identified in the libmbedtls2 and libeverest packages within the openSUSE Tumbleweed GA media. Recommendations Update...

6.1AI score
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.10 views

PT-2026-56845

Name of the Vulnerable Software and Affected Versions libmbedtls2 affected versions not specified libeverest affected versions not specified Description Security issues were identified and subsequently fixed in the libmbedtls23-4.2.0-1.1 and libeverest-3.6.7-1.1 packages on the GA media of openSU...

6.1AI score
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.8 views

PT-2026-56835

Name of the Vulnerable Software and Affected Versions libmbedtls23 affected versions not specified libeverest affected versions not specified Description Security issues were identified and subsequently fixed in the libmbedtls23 and libeverest packages within the openSUSE Tumbleweed GA media...

6.1AI score
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.9 views

PT-2026-56838

Name of the Vulnerable Software and Affected Versions libmbedtls23 affected versions not specified libeverest affected versions not specified Description Security issues were identified and subsequently fixed in the libmbedtls23 and libeverest packages within the openSUSE Tumbleweed GA media...

6.1AI score
Exploits0References18
Hacker One
Hacker One
added 2026/06/26 8:40 a.m.22 views

curl: mbedTLS / wolfSSL / rustls backends silently skip hostname verification when CURLOPT_SSL_VERIFYPEER=0

Summary When an application sets CURLOPTSSLVERIFYPEER=0 while keeping CURLOPTSSLVERIFYHOST=2 the default, the mbedTLS, wolfSSL, and rustls TLS backends silently skip the hostname-vs-certificate check. The OpenSSL, GnuTLS, and Schannel backends correctly preserve hostname checking under the same...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/22 1:34 p.m.2 views

OPENSUSE-SU-2026:21144-1 Security update for mbedtls

This update for mbedtls fixes the following issues: Changes in mbedtls: - Update to 3.6.6 LTS maintenance update from 3.6.1; security fixes accumulated across the 3.6.2-3.6.6 releases: CVE-2024-49195 boo1231708: buffer underrun in pkwrite when writing an opaque key pair CVE-2025-27809 boo1240051:...

9.8CVSS6.4AI score0.0199EPSS
Exploits5References27
OSV
OSV
added 2026/06/22 1:8 p.m.3 views

OPENSUSE-SU-2026:21145-1 Security update for mbedtls-2

This update for mbedtls-2 fixes the following issues: Changes in mbedtls-2: - Enable SRTP and DTLS protocols needed by some software. - Update to version 2.28.10: Default behavior changes In TLS clients, if mbedtlssslsethostname has not been called, mbedtlssslhandshake now fails with...

5.4CVSS6AI score0.00274EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in mbedtls

The use of a broken or risky cryptographic algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS for all versions prior to 3.0.0, 2.27.0, or 2.16.11 allows attackers with access to precise timing and memory access information typically from an untrusted operating system attacking a...

4.7CVSS5.8AI score0.00163EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/03 12:0 a.m.9 views

Security update for ovmf (important)

openSUSE security update: security update for ovmf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20875-1 Rating: important References: bsc1261469 bsc1261476 bsc1261477 bsc1261478 Cross-References: CVE-2026-25833 CVE-2026-25834 CVE-2026-25835...

8.7CVSS6AI score0.00308EPSS
Exploits0References4
OSV
OSV
added 2026/06/02 9:29 a.m.9 views

OPENSUSE-SU-2026:20875-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2026-25833: mbedtls: buffer overflow in the x509inetptonipv6 function bsc1261476. - CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello bsc1261477. - CVE-2026-25835: mbedtls: no...

7.7CVSS6AI score0.00308EPSS
Exploits0References8
OSV
OSV
added 2026/06/02 9:29 a.m.6 views

SUSE-SU-2026:21981-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2026-25833: mbedtls: buffer overflow in the x509inetptonipv6 function bsc1261476. - CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello bsc1261477. - CVE-2026-25835: mbedtls: no...

7.7CVSS6AI score0.00308EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in mbedtls

Mbed TLS versions before 3.0.1 have a double-free error under certain out-of-memory conditions, as demonstrated by a failure in the mbedtlssslsetsession function...

9.8CVSS8.3AI score0.02569EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Mbed TLS before version 2.24.0 and before versions 2.16.8 LTS and 2.7.17 LTS. There is a lack of zeroization of plaintext buffers in mbedtlssslread, which is necessary to erase unused application data from memory...

7.5CVSS7.2AI score0.0155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in mbedtls

Before version 2.16.5 of Arm Mbed TLS, attackers could obtain sensitive information an RSA private key by monitoring cache usage during an import process...

5.9CVSS6.3AI score0.0163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in mbedtls

A vulnerability was discovered in Arm Mbed TLS before versions 2.16.6 and 2.7.x, prior to 2.7.15. An attacker who can obtain precise side-channel measurements can recover the long-term ECDSA private key by 1 reconstructing the projective coordinates of the result of scalar multiplication by...

4.7CVSS5.1AI score0.00247EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2026:1952-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1952-1 advisory. This update for ovmf fixes the following issues - CVE-2026-25833: mbedtls: buffer underflow in x509inetptonipv6 bsc1261476. -...

7.7CVSS6AI score0.00308EPSS
Exploits0References13
Rows per page
Query Builder