High severity7.5NVD Advisory· Published Dec 21, 2021· Updated Jun 17, 2026
CVE-2021-45451
CVE-2021-45451
Description
In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Mbed TLS/Mbed TLSdescription
Patches
Vulnerability mechanics
References
3- github.com/ARMmbed/mbedtls/releases/tag/v3.1.0nvdPatchRelease NotesThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IL66WKJGXY5AXMTFE7QDMGL3RIBD6PX5/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TALJHOYAYSUJTLN6BYGLO4YJGNZUY74W/nvd
News mentions
0No linked articles in our index yet.