Arm: >> Mbed Tls >> 2.28.8 Security Vulnerabilities
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-01-17
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-03-24
In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-12-21
Page 2