Arm

Mbed Tls

59 vulnerabilities found.

Note: This list may be incomplete. Data is provided as-is, without warranty, in its original format.
  • EPSS 2.22%
  • Published 20.07.2025 00:00:00
  • Last modified 07.08.2025 01:18:26

Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output argument. T...

Exploit
  • EPSS 0.05%
  • Published 20.07.2025 00:00:00
  • Last modified 07.08.2025 01:21:40

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.

  • EPSS 0.08%
  • Published 20.07.2025 00:00:00
  • Last modified 07.08.2025 01:14:49

Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.

  • EPSS 0.08%
  • Published 04.07.2025 00:00:00
  • Last modified 17.07.2025 16:00:42

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.

Exploit
  • EPSS 0.02%
  • Published 04.07.2025 00:00:00
  • Last modified 22.09.2025 17:16:48

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

  • EPSS 0.06%
  • Published 04.07.2025 00:00:00
  • Last modified 17.07.2025 16:00:02

In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbe...

  • EPSS 0.01%
  • Published 04.07.2025 00:00:00
  • Last modified 17.07.2025 15:59:03

In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in...

  • EPSS 0.04%
  • Published 25.03.2025 00:00:00
  • Last modified 17.07.2025 15:57:21

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

  • EPSS 0.44%
  • Published 15.10.2024 20:15:21
  • Last modified 06.05.2025 18:01:24

Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair.

  • EPSS 0.24%
  • Published 05.09.2024 19:15:13
  • Last modified 13.03.2025 20:15:22

An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in the keyUsage or extKeyUsage extensions, then the re...