Mbed Tls Security Vulnerabilities and Issues — Mbed Tls CVE List

Lucene search

ArmMbed Tls

3 matches found

CVE•added 2021/12/20 8:15 a.m.•91 views

CVE-2021-44732

Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.

9.8CVSS9.3AI score0.00432EPSS

CVE•added 2021/12/21 7:15 a.m.•73 views

CVE-2021-45450

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.

7.5CVSS7.5AI score0.0004EPSS

CVE•added 2021/12/21 7:15 a.m.•62 views

CVE-2021-45451

In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.

7.5CVSS7.4AI score0.00071EPSS