CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-44732
https://notcve.org/view.php?id=CVE-2021-44732
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. Mbed TLS versiones anteriores a 3.0.1,presenta una doble liberación en determinadas condiciones de salida de memoria, como es demostrado por un fallo de la función mbedtls_ssl_set_session() • https://bugs.gentoo.org/829660 https://github.com/ARMmbed/mbedtls/releases https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12 https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0 https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0 https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12 • CWE-415: Double Free •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2020-36475
https://notcve.org/view.php?id=CVE-2020-36475
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs. Se ha detectado un problema en Mbed TLS versiones anteriores a 2.25.0 (y versiones anteriores a 2.16.9 LTS y versiones anteriores a 2.7.18 LTS). Los cálculos llevado a cabo por la función mbedtls_mpi_exp_mod no están limitados; por lo tanto, el suministro de parámetros demasiado grandes podría conllevar a una denegación de servicio cuando se generan pares de claves Diffie-Hellman. • https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9 https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0 https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18 https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-36476
https://notcve.org/view.php?id=CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory. Se ha detectado un problema en Mbed TLS versiones anteriores a 2.24.0 (y versiones anteriores a 2.16.8 LTS y versiones anteriores a 2.7.17 LTS). Falta la puesta a cero de los búferes de texto plano en la función mbedtls_ssl_read para borrar de la memoria los datos no usados de la aplicación. • https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8 https://github.com/ARMmbed/mbedtls/releases/tag/v2.24.0 https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.17 https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2020-36477
https://notcve.org/view.php?id=CVE-2020-36477
An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though). Se ha detectado un problema en Mbed TLS versiones anteriores a 2.24.0. La comprobación de los certificados X.509 cuando se compara el nombre común esperado (el argumento cn de la función mbedtls_x509_crt_verify) con el nombre real del certificado es manejado inapropiadamente: cuando la extensión subjecAltName está presente, el nombre esperado es comparado con cualquier nombre de esa extensión independientemente de su tipo. • https://github.com/ARMmbed/mbedtls/issues/3498 https://github.com/ARMmbed/mbedtls/releases/tag/v2.24.0 https://security.gentoo.org/glsa/202301-08 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 1CVE-2020-36478
https://notcve.org/view.php?id=CVE-2020-36478
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid. Se ha detectado un problema en Mbed TLS versiones anteriores a 2.25.0 (y versiones anteriores a 2.16.9 LTS y versiones anteriores a 2.7.18 LTS). Una entrada de parámetros de algoritmo NULL parece idéntica a una matriz de REAL (tamaño cero) y, por tanto, el certificado es considerado válido. • https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf https://github.com/ARMmbed/mbedtls/issues/3629 https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9 https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0 https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18 https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html • CWE-295: Improper Certificate Validation •