Lucene search
Veracode Vulnerability DatabaseVERACODE:46174HistoryApr 03, 2024 - 12:15 p.m.
Sensitive Information Disclosure
2024-04-0312:15:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
sensitive information disclosure
vulnerability
shared memory
software
information security
psa crypto api
libmbedtls.so is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate handling of shared memory within the PSA Crypto API, potentially leading to information disclosure.
References
github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2024-03.md
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5YE3QRREGJC6K34JD4LZ5P3IALNX4QYY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UZNBMKYEV2J5DI7R4BQGL472V7X3WJY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NCDU52ZDA7TX3HC5JCU6ZZIJQOPTNBK6/
mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0146)
2024-04-26 00:00:00
Fedora: Security Advisory for mbedtls (FEDORA-2024-666210bd74)
2024-05-27 00:00:00
Fedora: Security Advisory for mbedtls (FEDORA-2024-1249d56928)
2024-05-27 00:00:00
nessus
nessus
Fedora 39 : mbedtls (2024-666210bd74)
2024-04-17 00:00:00
Fedora 40 : mbedtls (2024-a23b5f0783)
2024-04-29 00:00:00
Fedora 38 : mbedtls (2024-1249d56928)
2024-04-17 00:00:00
ubuntucve
ubuntucve
CVE-2024-28960
2024-03-29 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: mbedtls-2.28.8-1.fc38
2024-04-17 02:11:52
[SECURITY] Fedora 40 Update: mbedtls-2.28.8-1.fc40
2024-04-19 21:40:27
[SECURITY] Fedora 39 Update: mbedtls-2.28.8-1.fc39
2024-04-17 02:19:23
nvd
nvd
CVE-2024-28960
2024-03-29 06:15:07
cve
cve
CVE-2024-28960
2024-03-29 06:15:07
debiancve
debiancve
CVE-2024-28960
2024-03-29 06:15:07
osv
osv
CVE-2024-28960
2024-03-29 06:15:07
redhatcve
redhatcve
CVE-2024-28960
2024-03-29 09:31:10
mageia
mageia
Updated mbedtls packages fix security vulnerability
2024-04-25 19:00:30
alpinelinux
alpinelinux
CVE-2024-28960
2024-03-29 06:15:07
cvelist
cvelist
CVE-2024-28960
2024-03-29 00:00:00
redos
redos
ROS-20240503-04
2024-05-03 00:00:00