mbedtls vulnerabilities

  • licenses detected

    • [2.16.12]; [2.25.0]; [2.28.10]; [2.28.4]; [3.2.1]; [3.5.0]; [3.5.2]; [3.6.0]; [3.6.1]; [3.6.2]; [3.6.4]
    • [2.23.0]; [2.24.0]; [2.28.8]; [2.28.9]; [3.0.0]; [3.1.0]; [3.4.1]; [3.5.1]
  • Direct Vulnerabilities

    Known vulnerabilities in the mbedtls package. This does not include vulnerabilities belonging to this package’s dependencies.

    | Severity | Vulnerability | Vulnerable Version |
    |---|---|---|
    | L | Missing Cryptographic Step | [3.4.1,3.6.4) |
    | M | Out-of-bounds Read | [3.4.1,3.6.4) |
    | M | Off-by-one Error | [,3.6.4) |
    | M | Compiler Optimization Removal or Modification of Security-critical Code | [,3.6.4) |
    | M | Use of Uninitialized Resource | [,2.28.10)[3.0.0,3.6.4) |
    | M | Insecure Default Initialization of Resource | [,2.28.10)[3.0.0,3.6.4) |
    | M | Out-of-bounds Read | [0,) |
    | H | Uncontrolled Resource Consumption ('Resource Exhaustion') | [0,) |
    | H | Uncontrolled Resource Consumption ('Resource Exhaustion') | [0,) |
    | C | Buffer Underflow | [3.5.0,3.6.2) |
    | H | Improper Certificate Validation | [3.2.1,3.6.1) |
    | M | Missing Cryptographic Step | [2.28.4,2.28.9)[3.0.0,3.6.1) |
    | H | Stack-based Buffer Overflow | [,3.6.1) |
    | M | Improper Isolation or Compartmentalization | [,2.28.8)[3.0.0,3.6.0) |
    | M | Observable Timing Discrepancy | [,2.28.8)[3.0.0,3.5.2) |
    | M | Heap-based Buffer Overflow | [,2.28.8)[3.0.0,3.5.2) |
    | H | Buffer Overflow | [,2.28.8)[3.0.0,3.5.0) |
    | H | Buffer Overflow | [3.2.1,3.5.0) |
    | M | Improperly Implemented Security Check for Standard | [0,) |
    | H | Uncontrolled Resource Consumption ('Resource Exhaustion') | [3.4.1,3.6.0) |
    | M | Cryptographic Issues | [,2.28.4)[3.0.0,3.4.1) |
    | H | Heap-based Buffer Overflow | [,2.28.4)[3.0.0,3.4.1) |
    | M | Use of a Broken or Risky Cryptographic Algorithm | [,2.28.4) |
    | M | Buffer Overread | [,2.28.4)[3.0.0,3.2.1) |
    | H | Denial of Service (DoS) | [,2.28.4)[3.0.0,3.1.0) |
    | H | Buffer Overflow | [,2.25.0) |
    | M | User Enumeration | [,2.23.0) |
    | M | Improper Certificate Validation | [,2.24.0) |
    | M | User Enumeration | [,2.28.4) |
    | M | User Enumeration | [,2.24.0) |
    | H | Out-of-bounds Read | [,2.24.0) |
    | M | Improper Certificate Validation | [,2.24.0) |
    | H | Information Exposure | [,2.24.0) |
    | H | Improper Certificate Validation | [,2.25.0) |
    | H | Denial of Service (DoS) | [0,) |
    | M | Cryptographic Issues | [0,) |