CNNVD-202510-2752 Information
Oct 21, 2025
cve
CNNVD ID
CNNVD-202510-2752
Related CVE
- CNNVD Published: 2025-10-21
Description (Chinese)
Mbed TLS是Mbed TLS开源的一个开源、可移植、易于使用、可读且灵活的 SSL 库。 Mbed TLS 3.6.4及之前版本存在安全漏洞,该漏洞源于存在可观察的时间差异。
Description (English)
Mbed TLS is an open source, portable, user-friendly, readable and flexible SSL library for Mbed TLS. Mbed TLS 3.6.4 and previous versions had a security gap, which stemmed from observed time differences.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mbed TLS
Published
2025-10-21
Last Modified
2026-02-24
References
https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error/ https://vigilance.fr/vulnerability/Mbed-TLS-information-disclosure-via-Cipher-Error-Reporting-48527