Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mbed_tls
(Arm)| Repositories | https://github.com/ARMmbed/mbedtls |
| #Vulnerabilities | 43 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-01-31 | CVE-2024-23170 | An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. | Mbed_tls | 5.5 | ||
| 2024-01-31 | CVE-2024-23775 | Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension(). | Mbed_tls | 7.5 | ||
| 2024-01-21 | CVE-2024-23744 | An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions. | Mbed_tls | 7.5 | ||
| 2024-01-21 | CVE-2023-52353 | An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum. | Mbed_tls | 7.5 | ||
| 2021-12-21 | CVE-2021-45450 | In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. | Mbed_tls, Fedora | 7.5 | ||
| 2023-10-07 | CVE-2023-43615 | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | Mbed_tls, Fedora | 7.5 | ||
| 2021-12-21 | CVE-2021-45451 | In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. | Mbed_tls, Fedora | 7.5 | ||
| 2022-12-15 | CVE-2022-46392 | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller. | Mbed_tls, Fedora | 5.3 | ||
| 2022-12-15 | CVE-2022-46393 | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. | Mbed_tls, Fedora | 9.8 | ||
| 2023-10-07 | CVE-2023-45199 | Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. | Mbed_tls | 9.8 |