VYPR

MbedTLS

by Arm

Source repositories

CVEs (72)

  • CVE-2024-49195CriOct 15, 2024
    risk 0.64cvss 9.8epss 0.01

    Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair

  • CVE-2024-45159CriSep 5, 2024
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of…

  • CVE-2024-45158CriSep 5, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits…

  • CVE-2023-45199CriOct 7, 2023
    risk 0.64cvss 9.8epss 0.01

    Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.

  • CVE-2022-46393CriDec 15, 2022
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.

  • CVE-2021-44732CriDec 20, 2021
    risk 0.64cvss 9.8epss 0.03

    Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.

  • CVE-2018-0488CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.05

    ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session.

  • CVE-2018-0487CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.03

    ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.

  • CVE-2024-30166CriApr 3, 2024
    risk 0.59cvss 9.1epss 0.01

    In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.

  • CVE-2022-35409CriJul 15, 2022
    risk 0.59cvss 9.1epss 0.02

    An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or…

  • CVE-2026-34877CriApr 2, 2026
    risk 0.57cvss 9.8epss 0.00

    An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code…

  • CVE-2026-34875CriApr 1, 2026
    risk 0.57cvss 9.8epss 0.00

    An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.

  • CVE-2017-14032HigAug 30, 2017
    risk 0.53cvss 8.1epss 0.01

    ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped…

  • CVE-2017-2784HigApr 20, 2017
    risk 0.53cvss 8.1epss 0.03

    An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack…

  • CVE-2026-34873CriApr 1, 2026
    risk 0.52cvss 9.1epss 0.00

    An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.

  • CVE-2026-34872CriApr 1, 2026
    risk 0.52cvss 9.1epss 0.00

    An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values…

  • CVE-2024-23744HigJan 21, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.

  • CVE-2023-43615HigOct 7, 2023
    risk 0.49cvss 7.5epss 0.01

    Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.

  • CVE-2021-45450HigDec 21, 2021
    risk 0.49cvss 7.5epss 0.01

    In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.

  • CVE-2018-1000520HigJun 26, 2018
    risk 0.49cvss 7.5epss 0.01

    ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be…

Page 1 of 4