CVE-2025-52497 | mbed TLS up to 3.6.3 PEM mbedtls_pem_read_buffer off-by-one

Inserito da Angelo Barbosa | Lug 4, 2025 | CVE

A vulnerability was found in mbed TLS up to 3.6.3. It has been declared as problematic. Affected by this vulnerability is the function mbedtls_pem_read_buffer of the component PEM Handler. The manipulation leads to off-by-one.

This vulnerability is known as CVE-2025-52497. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-52497 | mbed TLS up to 3.6.3 PEM mbedtls_pem_read_buffer off-by-one

Post correlati

CVE-2024-24061 | springboot-manager 1.6 /sysContent/add cross site scripting

CVE-2024-57520 | Asterisk 22 action_createconfig permission

CVE-2024-48769 | BURG-WCHTER de.burgwachter.keyapp.app 4.5.0 Firmware Update information disclosure

CVE-2023-49086 | Cacti up to 1.2.25 Incomplete Fix CVE-2023-39360 graphs_new.php cross site scripting