VulnerableCode Package Details - pkg:deb/debian/mbedtls@3.6.5-0.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/mbedtls@3.6.5-0.1

Essentials
History (3)

purl	pkg:deb/debian/mbedtls@3.6.5-0.1

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	2.3

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-4sbv-dqyv-6baw Aliases: CVE-2024-45157	An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:41:43.299648+00:00	Debian Importer	Affected by	VCID-4sbv-dqyv-6baw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:42:08.241328+00:00	Debian Importer	Affected by	VCID-4sbv-dqyv-6baw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T19:47:43.880916+00:00	Debian Importer	Affected by	VCID-4sbv-dqyv-6baw	https://security-tracker.debian.org/tracker/data/json	38.1.0