CVE advisoryCRITICAL
CVE-2024-49195
Mbed TLS Buffer Underrun in Opaque Key Pair Writing
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
Mbed TLS has a buffer underrun vulnerability in the `pkwrite` function affecting versions 3.5.x through 3.6.x before 3.6.2 when writing opaque key pairs, potentially leading to denial-of-service or data manipulation.