Arm: >> Mbed Tls >> 3.5.1 Security Vulnerabilities
An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-01-21
An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-01-21
Page 4