CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
AI Score
Confidence
Low
EPSS
Percentile
21.2%
A vulnerability in the mbedtls_x509_set_extension function of the Mbed TLS software is related to integer
overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of
denial of service
A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is associated with an
insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an
impact the confidentiality, integrity, and availability of data