PT-2025-48518 · Julia · Mbedtls Jll
Published
2025-11-21
·
Updated
2025-11-21
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS SSL DTLS CONNECTION ID is enabled and MBEDTLS SSL CID IN LEN MAX > 2 * MBEDTLS SSL CID OUT LEN MAX.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mbedtls Jll