CVE-2024-23170 | mbed TLS up to 2.28.6/3.5.1 timing discrepancy

Posted by Angelo Barbosa | Jan 30, 2024 | CVE

A vulnerability, which was classified as problematic, was found in mbed TLS up to 2.28.6/3.5.1. This affects an unknown part. The manipulation leads to observable timing discrepancy.

This vulnerability is uniquely identified as CVE-2024-23170. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23170 | mbed TLS up to 2.28.6/3.5.1 timing discrepancy

Related Posts

CVE-2023-38621 | GTKWave 3.3.115 VZT integer overflow (TALOS-2023-1812)

CVE-2024-34020 | hcode up to 2.1 mail.c putSDN stack-based overflow

CVE-2024-8290 | wclovers WCFM Plugin up to 6.7.12 on WordPress processing authorization

CVE-2024-24904 | Dell Secure Connect Gateway prior 5.22.00.16 Trusted Application Data Store cross site scripting (dsa-2024-077)