CVE advisoryCRITICAL
CVE-2024-30166
Mbed TLS Stack Buffer Over-read Information Disclosure and Denial of Service Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in the Mbed TLS cryptographic library could allow a malicious client to cause information disclosure or a denial of service. This occurs when a TLS 1.3 server, using affected versions of the library, processes a specially crafted TLS 3.1 ClientHello message. The reader should care because this library i