CVE-2025-27809

Vulnerability Description

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

Vulnerability Details

Published Date

March 25, 2025

Last Modified

July 17, 2025

Source

NVD

CVE-2025-27809

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment