CVE-2025-54764
- EPSS 0.2%
- Veröffentlicht 20.10.2025 00:00:00
- Zuletzt bearbeitet 31.10.2025 15:09:59
Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.
CVE-2025-47917
- EPSS 1.99%
- Veröffentlicht 20.07.2025 00:00:00
- Zuletzt bearbeitet 03.11.2025 20:19:05
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output argument. T...
CVE-2025-48965
- EPSS 0.46%
- Veröffentlicht 20.07.2025 00:00:00
- Zuletzt bearbeitet 03.11.2025 20:19:07
Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.
CVE-2025-52497
- EPSS 0.28%
- Veröffentlicht 04.07.2025 00:00:00
- Zuletzt bearbeitet 03.11.2025 20:19:13
Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.
CVE-2025-52496
- EPSS 0.19%
- Veröffentlicht 04.07.2025 00:00:00
- Zuletzt bearbeitet 03.11.2025 20:19:13
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
CVE-2025-27810
- EPSS 0.27%
- Veröffentlicht 25.03.2025 00:00:00
- Zuletzt bearbeitet 05.06.2026 19:38:32
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.
CVE-2025-27809
- EPSS 0.18%
- Veröffentlicht 25.03.2025 00:00:00
- Zuletzt bearbeitet 05.06.2026 19:38:32
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.
CVE-2024-30166
- EPSS 0.73%
- Veröffentlicht 03.04.2024 03:15:10
- Zuletzt bearbeitet 05.06.2026 19:38:32
In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.
CVE-2024-28836
- EPSS 0.41%
- Veröffentlicht 03.04.2024 03:15:10
- Zuletzt bearbeitet 05.06.2026 19:38:32
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a...
CVE-2024-28960
- EPSS 0.84%
- Veröffentlicht 29.03.2024 06:15:07
- Zuletzt bearbeitet 05.06.2026 19:38:32
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.