CVE-2025-52497

4.8MEDIUM

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.

Published: 7/4/2025Updated: 11/3/2025
View on NVDView on MITRE

Description

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.

AI AnalysisPowered by AI

Affected Products

armmbed_tls

References