CVE-2024-28960
HIGH8.2EPSS 0.15%發布日:2024/3/29修改日:2025/12/3
也稱為:ALPINE-CVE-2024-28960
描述
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
受影響套件(2)
- Alpine/mbedtlsfrom 0, < 2.28.8-r0
- Debian/mbedtlsfrom 0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.2 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |