CVE-2024-28755 | mbed TLS up to 3.5.x API mbedtls_ssl_session_reset inadequate encryption

Posted by Angelo Barbosa | Apr 3, 2024 | CVE

A vulnerability was found in mbed TLS up to 3.5.x and classified as problematic. This issue affects the function mbedtls_ssl_session_reset of the component API. The manipulation leads to inadequate encryption strength.

The identification of this vulnerability is CVE-2024-28755. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28755 | mbed TLS up to 3.5.x API mbedtls_ssl_session_reset inadequate encryption

Related Posts

CVE-2024-9232 | Download Plugins and Themes in ZIP from Dashboard Plugin cross site scripting

CVE-2024-43311 | Geek Code Lab Login As Users Plugin up to 1.4.2 on WordPress privileges management

CVE-2024-23663 | Fortinet FortiExtender up to 7.0.4/7.2.4/7.4.2 HTTP access control (FG-IR-23-459)

CVE-2023-28526 | IBM Informix Dynamic Server 12.10/14.10 archecker heap-based overflow (XFDB-251204)