CNNVD-202507-500 Information

CNNVD ID

CNNVD-202507-500

Related CVE

CVE-2025-52497

• CNNVD Published: 2025-07-04

Description (Chinese)

Mbed TLS是Mbed TLS开源的一个开源、可移植、易于使用、可读且灵活的 SSL 库。 Mbed TLS 3.6.4之前版本存在安全漏洞，该漏洞源于PEM解析中的堆缓冲区下溢，可能导致内存损坏。

Description (English)

Mbed TLS is an open source, portable, user-friendly, readable and flexible SSL library for Mbed TLS. There was a security loophole in the previous version of Mbed TLS 3.6.4, which originated from the leaking of the buffer zone in the PEM analysis, which could lead to damage to the memory.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mbed TLS

Published

2025-07-04

Last Modified

2026-02-24

References

https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-2.md

Patch

https://github.com/Mbed-TLS/mbedtls/releases