CVE-2024-23744

Опубликовано: 21 янв. 2024

Источник: debian

Описание

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.

Пакет	Статус	Версия исправления	Релиз	Тип
mbedtls	not-affected			package

https://github.com/Mbed-TLS/mbedtls/issues/8694
https://github.com/Mbed-TLS/mbedtls/pull/8595
Likely specific to 3.5.1: https://github.com/Mbed-TLS/mbedtls/issues/8694#issuecomment-1889411367

CVE-2024-23744

CVSS3: 7.5

ubuntu

около 2 лет назад

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.

CVE-2024-23744

CVSS3: 7.5

nvd

около 2 лет назад

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.

CVE-2024-23744

CVSS3: 7.5

msrc

около 1 года назад

Описание отсутствует

GHSA-627f-4vcr-fmq4

CVSS3: 7.5

github

около 2 лет назад

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.