VulnerableCode Package Details - pkg:conan/mbedtls@2.17.0

Search for packages

Package details: pkg:conan/mbedtls@2.17.0

Essentials
History (1)

purl	pkg:conan/mbedtls@2.17.0
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-qnku-acqz-tye6 Aliases: CVE-2020-16150	A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T11:15:18.229444+00:00	GitLab Importer	Affected by	VCID-qnku-acqz-tye6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/mbedtls/CVE-2020-16150.yml	37.0.0