CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10941
https://notcve.org/view.php?id=CVE-2020-10941
24 Mar 2020 — Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. Arm Mbed TLS versiones anteriores a 2.16.5, permite a atacantes obtener información confidencial (una clave privada RSA) al medir el uso de la memoria caché durante una importación. • https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2019-18222
https://notcve.org/view.php?id=CVE-2019-18222
23 Jan 2020 — The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. La implementación de la firma ECDSA en el archivo ecdsa.c en Arm Mbed Crypto versión 2.1 y Mbed TLS versiones hasta 2.19.1, no reduce el escalar ciego antes de calcular el inverso, lo que permite a un atacante local recuperar la clave privada por medio de ataques de ... • https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html • CWE-203: Observable Discrepancy •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-16910
https://notcve.org/view.php?id=CVE-2019-16910
26 Sep 2019 — Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.) Arm Mbed TLS versiones anteriores a 2.19.0 y Arm Mbed Crypto versiones anteriores a 2.0.0, cuando el ECDSA determinista está habilitado, usa un RNG con entropía in... • https://github.com/ARMmbed/mbedtls/commit/298a43a77ec0ed2c19a8c924ddd8571ef3e65dfd •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2018-19608
https://notcve.org/view.php?id=CVE-2018-19608
05 Dec 2018 — Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites. Arm Mbed TLS en versiones anteriores a la 2.14.1, 2.7.8 y a la 2.1.17 permite que un atacante local sin privilegios recupere el texto plano del descifrado RSA, que se emplea en suites de cifrado RSA-without-(EC)DH(E). • http://cat.eyalro.net • CWE-269: Improper Privilege Management •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2018-0497 – Ubuntu Security Notice USN-4267-1
https://notcve.org/view.php?id=CVE-2018-0497
28 Jul 2018 — ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169. ARM mbed TLS en versiones anteriores a la 2.12.0, en versiones anteriores a la 2.7.5 y en versiones anteriores a la 2.1.14 permite a los atacantes remotos lograr una recuperación parcial de texto plano (para un c... • https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2018-0498 – Ubuntu Security Notice USN-4267-1
https://notcve.org/view.php?id=CVE-2018-0498
28 Jul 2018 — ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. ARM mbed TLS en versiones anteriores a la 2.12.0, en versiones anteriores a la 2.7.5 y en versiones anteriores a la 2.1.14 permite a los usuarios locales lograr una recuperación parcial de texto plano (para un ciphersuite basado en CBC) mediante un ataque de canal lateral basado en caché. It was discovered that mbedtls has a... • https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000520
https://notcve.org/view.php?id=CVE-2018-1000520
26 Jun 2018 — ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be exploitable via Peers negotiate a TLS-ECDH-RSA-* ciphersuite. Any of the peers can then provide an ECDSA-signed certificate, when only an RSA-signed one should be accepted.. ARM mbedTLS, en versiones 2.7.0 y anteriores, contiene una vulnerab... • https://github.com/ARMmbed/mbedtls/issues/1561 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9988
https://notcve.org/view.php?id=CVE-2018-9988
10 Apr 2018 — ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input. ARM mbed TLS, en versiones anteriores a la 2.1.11, anteriores a la 2.7.2 y anteriores a la 2.8.0, tiene una sobrelectura de búfer en ssl_parse_server_key_exchange() que podría provocar un cierre inesperado o una entrada no válida. • https://github.com/ARMmbed/mbedtls/commit/027f84c69f4ef30c0693832a6c396ef19e563ca1 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9989
https://notcve.org/view.php?id=CVE-2018-9989
10 Apr 2018 — ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input. ARM mbed TLS, en versiones anteriores a la 2.1.11, anteriores a la 2.7.2 y anteriores a la 2.8.0, tiene una sobrelectura de búfer en ssl_parse_server_psk_hint() que podría provocar un cierre inesperado o una entrada no válida. • https://github.com/ARMmbed/mbedtls/commit/5224a7544c95552553e2e6be0b4a789956a6464e • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-18187 – Ubuntu Security Notice USN-4267-1
https://notcve.org/view.php?id=CVE-2017-18187
14 Feb 2018 — In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. En ARM mbed TLS, en versiones anteriores a la 2.7.0, hay una omisión de comprobación de límites mediante un desbordamiento de enteros en el análisis de identidad PSK en la función ssl_parse_client_psk_identity() en library/ssl_srv.c. It was discovered that mbedtls has a bounds-check bypass through an integer overflow that can b... • http://www.securityfocus.com/bid/103055 • CWE-190: Integer Overflow or Wraparound •