mbedTLS 2.26.X contains multiple vulnerabilities #56071
Labels
area: Security
Security
bug
The issue is a bug, or the PR is fixing a bug
LTS
Long term release branch related
priority: high
High impact/importance bug
Milestone
Describe the bug
mbedTLS 2.26 used on Zephyr LTS contains several vulnerabilities:
https://www.cvedetails.com/cve/CVE-2021-45450/
https://www.cvedetails.com/cve/CVE-2022-35409/
https://www.cvedetails.com/cve/CVE-2022-46392/
https://www.cvedetails.com/cve/CVE-2022-46393/
Expected behavior
Use an updated version that address known issues.
Impact
Products using this version may be exploited.
Additional context
https://www.cvedetails.com/vulnerability-list/vendor_id-15698/product_id-32568/ARM-Mbed-Tls.html
The text was updated successfully, but these errors were encountered: