PT-2025-48506 · Julia · Mbedtls Jll

Published

2025-11-21

·

Updated

2025-11-21

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

JLSEC-2025-208

Affected Products

Mbedtls Jll