Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1
CVE-2026-34872
- EPSS 0.2%
- Veröffentlicht 01.04.2026 00:00:00
- Zuletzt bearbeitet 03.04.2026 20:02:33
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret...
5.1
CVE-2025-66442
- EPSS 0.27%
- Veröffentlicht 01.04.2026 00:00:00
- Zuletzt bearbeitet 03.04.2026 20:04:38
In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.
1