CVE-2024-28755 | mbed TLS up to 3.5.x API mbedtls_ssl_session_reset inadequate encryption

Inserito da Angelo Barbosa | Apr 3, 2024 | CVE

A vulnerability was found in mbed TLS up to 3.5.x and classified as problematic. This issue affects the function mbedtls_ssl_session_reset of the component API. The manipulation leads to inadequate encryption strength.

The identification of this vulnerability is CVE-2024-28755. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28755 | mbed TLS up to 3.5.x API mbedtls_ssl_session_reset inadequate encryption

Post correlati

CVE-2024-34815 | Codection Import and Export Users and Customers Plugin up to 1.26.5 on WordPress authorization

CVE-2024-45304 | OpenZeppelin cairo-contracts up to 0.15.x control flow (GHSA-w2px-25pm-2cf9)

CVE-2022-48724 | Linux Kernel up to 5.16.7 iommu intel_setup_irq_remapping memory leak

CVE-2024-4302 | Super 8 Livechat SDK up to 4.5.0 Chat Box cross site scripting