CVSS: 9.4EPSS: 1%CPEs: 3EXPL: 1CVE-2022-35409 – Gentoo Linux Security Advisory 202301-08
https://notcve.org/view.php?id=CVE-2022-35409
15 Jul 2022 — An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using... • https://github.com/Mbed-TLS/mbedtls/releases • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2021-27433 – ARM mbed-ualloc memory library Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27433
03 May 2022 — ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbed_krbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. ARM mbed-ualloc memory library versión 1.3.0, es vulnerable a una envoltura de enteros en la función mbed_krbs, que puede conllevar a una asignación de memoria arbitraria, resultando en un comportamiento no esperado como un bloqueo o una inyección/ejecución de código remot... • https://github.com/ARMmbed/mbed-os/pull/14408 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 1CVE-2021-27435 – ARM mbed Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27435
03 May 2022 — ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. ARM mbed product versión 6.3.0, es vulnerable a una envoltura de enteros en la función "malloc_wrapper", que puede conllevar a una asignación de memoria arbitraria, resultando en un comportamiento no esperado como un bloqueo o una inyección/ejecución de código remota • https://github.com/ARMmbed/mbed-os/pull/14408 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-43666 – Gentoo Linux Security Advisory 202301-08
https://notcve.org/view.php?id=CVE-2021-43666
24 Mar 2022 — A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. Se presenta una vulnerabilidad de denegación de servicio en mbed TLS 3.0.0 y anteriores, en la función mbedtls_pkcs12_derivation cuando la longitud de una contraseña de entrada es 0 Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution. Versions less than 2.28.1 are affected. • https://github.com/ARMmbed/mbedtls/issues/5136 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45450 – Gentoo Linux Security Advisory 202301-08
https://notcve.org/view.php?id=CVE-2021-45450
21 Dec 2021 — In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. En Mbed TLS versiones anteriores a 2.28.0 y 3.x versiones anteriores a 3.1.0, las funciones psa_cipher_generate_iv y psa_cipher_encrypt permiten omitir la política o el descifrado basado en oráculos cuando el búfer de salida es encontrado en ubicaciones de memoria accesibles para una ... • https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-45451
https://notcve.org/view.php?id=CVE-2021-45451
21 Dec 2021 — In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. En Mbed TLS versiones anteriores a 3.1.0, la función psa_aead_generate_nonce permite omitir la política o el descifrado basado en oráculos cuando el búfer de salida es encontrada en ubicaciones de memoria accesibles para una aplicación no confiable • https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-44732 – Gentoo Linux Security Advisory 202301-08
https://notcve.org/view.php?id=CVE-2021-44732
20 Dec 2021 — Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. Mbed TLS versiones anteriores a 3.0.1,presenta una doble liberación en determinadas condiciones de salida de memoria, como es demostrado por un fallo de la función mbedtls_ssl_set_session() Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution. Versions less than 2.28.1 are affected. • https://bugs.gentoo.org/829660 • CWE-415: Double Free •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2020-36475 – Gentoo Linux Security Advisory 202301-08
https://notcve.org/view.php?id=CVE-2020-36475
23 Aug 2021 — An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs. Se ha detectado un problema en Mbed TLS versiones anteriores a 2.25.0 (y versiones anteriores a 2.16.9 LTS y versiones anteriores a 2.7.18 LTS). Los cálculos llevado a cabo por la función mbedtls_mpi_exp_mod no están limitados; por lo... • https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-36476 – Gentoo Linux Security Advisory 202301-08
https://notcve.org/view.php?id=CVE-2020-36476
23 Aug 2021 — An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory. Se ha detectado un problema en Mbed TLS versiones anteriores a 2.24.0 (y versiones anteriores a 2.16.8 LTS y versiones anteriores a 2.7.17 LTS). Falta la puesta a cero de los búferes de texto plano en la función mbedtls_ssl_read para borrar de la memoria los datos no usados de la aplicación. Multip... • https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2020-36477 – Gentoo Linux Security Advisory 202301-08
https://notcve.org/view.php?id=CVE-2020-36477
23 Aug 2021 — An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require ... • https://github.com/ARMmbed/mbedtls/issues/3498 • CWE-295: Improper Certificate Validation •