Homepage

mbedtls vulnerabilities

Licenses: Apache-2.0 | Unknown

License

Apache-2.0
[2.16.12];
[2.25.0];
[2.28.10];
see more versions
Unknown
[2.23.0];
[2.24.0];
[2.28.8];
see more versions
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the mbedtls package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Timing Attack

[,3.6.5)
  • M
Timing Attack

[,3.6.5)
  • C
Use After Free

[,3.6.4)
  • M
Covert Timing Channel

[3.6.1,3.6.4)
  • M
NULL Pointer Dereference

[,3.6.4)
  • L
Missing Cryptographic Step

[3.4.1,3.6.4)
  • M
Out-of-bounds Read

[3.4.1,3.6.4)
  • M
Off-by-one Error

[,3.6.4)
  • M
Compiler Optimization Removal or Modification of Security-critical Code

[,3.6.4)
  • M
Use of Uninitialized Resource

[,2.28.10)[3.0.0,3.6.4)
  • M
Insecure Default Initialization of Resource

[,2.28.10)[3.0.0,3.6.4)
  • M
Out-of-bounds Read

[0,)
  • H
Uncontrolled Resource Consumption ('Resource Exhaustion')

[0,)
  • H
Uncontrolled Resource Consumption ('Resource Exhaustion')

[0,)
  • C
Buffer Underflow

[3.5.0,3.6.2)
  • H
Improper Certificate Validation

[3.2.1,3.6.1)
  • M
Missing Cryptographic Step

[2.28.4,2.28.9)[3.0.0,3.6.1)
  • H
Stack-based Buffer Overflow

[,3.6.1)
  • M
Improper Isolation or Compartmentalization

[,2.28.8)[3.0.0,3.6.0)
  • M
Observable Timing Discrepancy

[,2.28.8)[3.0.0,3.5.2)
  • M
Heap-based Buffer Overflow

[,2.28.8)[3.0.0,3.5.2)
  • H
Buffer Overflow

[,2.28.8)[3.0.0,3.5.0)
  • H
Buffer Overflow

[3.2.1,3.5.0)
  • M
Improperly Implemented Security Check for Standard

[0,)
  • H
Uncontrolled Resource Consumption ('Resource Exhaustion')

[3.4.1,3.6.0)
  • M
Cryptographic Issues

[,2.28.4)[3.0.0,3.4.1)
  • H
Heap-based Buffer Overflow

[,2.28.4)[3.0.0,3.4.1)
  • M
Use of a Broken or Risky Cryptographic Algorithm

[,2.28.4)
  • M
Buffer Overread

[,2.28.4)[3.0.0,3.2.1)
  • H
Denial of Service (DoS)

[,2.28.4)[3.0.0,3.1.0)
  • H
Buffer Overflow

[,2.25.0)
  • M
User Enumeration

[,2.23.0)
  • M
Improper Certificate Validation

[,2.24.0)
  • M
User Enumeration

[,2.28.4)
  • M
User Enumeration

[,2.24.0)
  • H
Out-of-bounds Read

[,2.24.0)
  • M
Improper Certificate Validation

[,2.24.0)
  • H
Information Exposure

[,2.24.0)
  • H
Improper Certificate Validation

[,2.25.0)
  • H
Denial of Service (DoS)

[0,)
  • M
Cryptographic Issues

[0,)