In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-04-03T00:00:00
Updated: 2024-08-02T01:25:03.067Z
Reserved: 2024-03-24T00:00:00
Link: CVE-2024-30166
Vulnrichment
Updated: 2024-08-01T14:13:30.410Z
NVD
Status : Awaiting Analysis
Published: 2024-04-03T03:15:10.510
Modified: 2024-08-01T15:35:09.177
Link: CVE-2024-30166
Redhat
No data.