Security Advisory

CVE-2025-27809

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-25 00:00:00

Last updated 2025-03-25 16:49:13

Assigner mitre

State PUBLISHED

Description

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

← Browse all CVEs View on cve.org ↗