Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-30166

Опубликовано: 03 апр. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 9.1

Описание

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.

РелизСтатусПримечание
devel

not-affected

3.6.2-3ubuntu1
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/noble

not-affected

code not present
esm-apps/xenial

not-affected

code not present
focal

ignored

end of standard support, was needs-triage
jammy

not-affected

code not present
mantic

ignored

end of life, was needs-triage
noble

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 57%
0.00348
Низкий

9.1 Critical

CVSS3

Связанные уязвимости

nvd логотип

CVE-2024-30166

CVSS3: 9.1
nvd
почти 2 года назад

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.

msrc логотип

CVE-2024-30166

CVSS3: 9.1
msrc
около 1 года назад

Описание отсутствует

debian логотип

CVE-2024-30166

CVSS3: 9.1
debian
почти 2 года назад

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ...

github логотип

GHSA-jqcx-vw98-5q84

CVSS3: 9.1
github
почти 2 года назад

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.

EPSS

Процентиль: 57%
0.00348
Низкий

9.1 Critical

CVSS3