mbedtls vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the mbedtls package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L CVE-2024-28755	*
L CVE-2024-28960	*
L Integer Overflow or Wraparound	*
L Information Exposure	*
L Buffer Overflow	*
L Use of a Broken or Risky Cryptographic Algorithm	*
L Information Exposure	*
C Out-of-bounds Read	<2.16.9-0~deb10u1
H CVE-2021-43666	<2.16.9-0~deb10u1
C Double Free	<2.16.9-0~deb10u1
H Improper Certificate Validation	<2.16.9-0~deb10u1
H Exposure of Resource to Wrong Sphere	<2.16.9-0~deb10u1
H Incorrect Calculation of Buffer Size	<2.16.9-0~deb10u1
M Information Exposure	<2.16.9-0~deb10u1
M Improper Certificate Validation	<2.16.9-0~deb10u1
M Information Exposure	<2.16.9-0~deb10u1
H Cleartext Transmission of Sensitive Information	<2.16.9-0~deb10u1
M Information Exposure	<2.16.9-0~deb10u1
H Out-of-bounds Read	<2.16.9-0~deb10u1
M Information Exposure	<2.16.9-0~deb10u1
M Information Exposure	<2.16.9-0~deb10u1
M Use of a Broken or Risky Cryptographic Algorithm	<2.16.9-0~deb10u1
M Missing Encryption of Sensitive Data	<2.16.9-0~deb10u1
M Information Exposure	<2.16.9-0~deb10u1
M Information Exposure	<2.16.9-0~deb10u1
M Improper Privilege Management	<2.14.1-1
M CVE-2018-0497	<2.12.0-1
M CVE-2018-0498	<2.12.0-1
L Improper Certificate Validation	*
H Out-of-bounds Read	<2.8.0-1
H Out-of-bounds Read	<2.8.0-1
C Integer Overflow or Wraparound	<2.7.0-2
C Out-of-Bounds	<2.7.0-2
C Out-of-bounds Write	<2.7.0-2
H Improper Authentication	<2.6.0-1
H Improper Certificate Validation	<2.4.2-1