CVE-2025-48965
- EPSS 0.03%
- Published 20.07.2025 00:00:00
- Last modified 03.11.2025 20:19:07
Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.
CVE-2025-49087
- EPSS 0.05%
- Published 20.07.2025 00:00:00
- Last modified 07.08.2025 01:21:40
In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.
CVE-2025-47917
- EPSS 3.31%
- Published 20.07.2025 00:00:00
- Last modified 03.11.2025 20:19:05
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output argument. T...
CVE-2025-49600
- EPSS 0.01%
- Published 04.07.2025 00:00:00
- Last modified 17.07.2025 15:59:03
In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in...
CVE-2025-49601
- EPSS 0.04%
- Published 04.07.2025 00:00:00
- Last modified 17.07.2025 16:00:02
In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbe...
CVE-2025-52496
- EPSS 0.02%
- Published 04.07.2025 00:00:00
- Last modified 03.11.2025 20:19:13
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
CVE-2025-52497
- EPSS 0.06%
- Published 04.07.2025 00:00:00
- Last modified 03.11.2025 20:19:13
Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.
CVE-2025-27809
- EPSS 0.08%
- Published 25.03.2025 00:00:00
- Last modified 17.07.2025 15:57:21
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.
CVE-2025-27810
- EPSS 0.1%
- Published 25.03.2025 00:00:00
- Last modified 30.10.2025 15:05:35
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.
CVE-2024-49195
- EPSS 1%
- Published 15.10.2024 20:15:21
- Last modified 06.05.2025 18:01:24
Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair.