Arm

Mbed Tls

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-45158

  • EPSS 0.53%
  • Veröffentlicht 05.09.2024 19:15:13
  • Zuletzt bearbeitet 16.05.2025 20:17:39

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA d...

5.1

CVE-2024-45157

  • EPSS 0.02%
  • Veröffentlicht 05.09.2024 19:15:12
  • Zuletzt bearbeitet 14.03.2025 17:15:47

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses ...

6.5

CVE-2024-28755

  • EPSS 0.13%
  • Veröffentlicht 03.04.2024 03:15:10
  • Zuletzt bearbeitet 10.06.2025 00:41:15

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtls_ssl_session_reset() API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed T...

5.4

CVE-2024-28836

  • EPSS 0.33%
  • Veröffentlicht 03.04.2024 03:15:10
  • Zuletzt bearbeitet 27.06.2025 17:46:46

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a...

9.1

CVE-2024-30166

  • EPSS 0.48%
  • Veröffentlicht 03.04.2024 03:15:10
  • Zuletzt bearbeitet 27.06.2025 17:46:25

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.

8.2

CVE-2024-28960

  • EPSS 0.22%
  • Veröffentlicht 29.03.2024 06:15:07
  • Zuletzt bearbeitet 28.05.2025 17:42:17

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.

7.5

CVE-2024-23775

  • EPSS 0.29%
  • Veröffentlicht 31.01.2024 08:15:42
  • Zuletzt bearbeitet 29.05.2025 15:15:30

Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().

5.5

CVE-2024-23170

  • EPSS 0.18%
  • Veröffentlicht 31.01.2024 08:15:42
  • Zuletzt bearbeitet 21.11.2024 08:57:06

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to se...

7.5

CVE-2024-23744

Exploit
  • EPSS 0.07%
  • Veröffentlicht 21.01.2024 23:15:44
  • Zuletzt bearbeitet 04.06.2025 16:15:32

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.

7.5

CVE-2023-52353

Exploit
  • EPSS 0.06%
  • Veröffentlicht 21.01.2024 23:15:44
  • Zuletzt bearbeitet 30.05.2025 15:15:27

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.