MbedTLS_jll
JLSEC-2026-467 (Critical 9.8): Mbed TLS serialized session data is not cryptographically protected
JLSEC-2026-466 (Critical 9.1): Mbed TLS peer can force the FFDH shared secret into a small set of values
JLSEC-2026-463 (Medium 5.1): Mbed TLS timing side channel in RSA and CBC/ECB decryption
JLSEC-2026-465 (Medium 6.7): Mbed TLS may use a low entropy PRNG seed
JLSEC-2026-464 (High 7.7): Mbed TLS might use cloned PSA random generator states
JLSEC-2025-233: Padding oracle through timing of cipher error reporting
JLSEC-2025-232: Side channel in RSA key generation and operations (SSBleed, M-Step)
JLSEC-2025-231: Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that …
JLSEC-2025-230: Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_dat…
JLSEC-2025-229: Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_…
JLSEC-2025-228: Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimiz…
JLSEC-2025-187 (Medium 5.4): Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation o…
JLSEC-2025-227: Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that ha…
JLSEC-2025-226: An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user…
JLSEC-2025-225: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.…
JLSEC-2025-224: Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows…
JLSEC-2025-223: An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2
JLSEC-2025-222: Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
JLSEC-2025-221: Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in…
JLSEC-2025-220: An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0
JLSEC-2025-219: An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0
JLSEC-2025-218: An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0
JLSEC-2025-217: A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkc…
JLSEC-2025-216: In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based de…
JLSEC-2025-215: In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_enc…
JLSEC-2025-214: Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstra…
JLSEC-2025-213: An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.1…
JLSEC-2025-212: An issue was discovered in Mbed TLS before 2.24.0
JLSEC-2025-211: An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.1…
JLSEC-2025-210: An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.1…
JLSEC-2025-209: An issue was discovered in Arm Mbed TLS before 2.24.0
JLSEC-2025-208: An issue was discovered in Arm Mbed TLS before 2.24.0
JLSEC-2025-207: An issue was discovered in Arm Mbed TLS before 2.24.0
JLSEC-2025-206: An issue was discovered in Arm Mbed TLS before 2.23.0
JLSEC-2025-205: An issue was discovered in Arm Mbed TLS before 2.23.0
JLSEC-2025-204: An issue was discovered in Arm Mbed TLS before 2.23.0
JLSEC-2025-203: In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file deco…
JLSEC-2025-202: A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted…
JLSEC-2025-201: An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15
JLSEC-2025-200: Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA priva…
JLSEC-2025-199: The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through…
JLSEC-2025-198: Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is …