Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-34872 (GCVE-0-2026-34872)
Vulnerability from cvelistv5 – Published: 2026-04-01 00:00 – Updated: 2026-04-01 19:52
VLAI?
EPSS
Summary
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).
Severity ?
9.1 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-34872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T19:51:10.004400Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T19:52:25.548Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T19:09:15.681Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"
},
{
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-ffdh-peerkey-checks/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2026-34872",
"datePublished": "2026-04-01T00:00:00.000Z",
"dateReserved": "2026-03-31T00:00:00.000Z",
"dateUpdated": "2026-04-01T19:52:25.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-34872\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2026-04-01T20:16:27.493\",\"lastModified\":\"2026-04-03T20:02:33.790\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.6\",\"matchCriteriaId\":\"C8FBFC2E-329D-4274-A952-2D43378B83BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arm:tf-psa-crypto:1.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"874FFF30-23C9-453A-8E82-037AD3F12345\"}]}]}],\"references\":[{\"url\":\"https://mbed-tls.readthedocs.io/en/latest/security-advisories/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-ffdh-peerkey-checks/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-34872\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-01T19:51:10.004400Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-347\", \"description\": \"CWE-347 Improper Verification of Cryptographic Signature\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-01T19:50:04.483Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://mbed-tls.readthedocs.io/en/latest/security-advisories/\"}, {\"url\": \"https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-ffdh-peerkey-checks/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-04-01T19:09:15.681Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-34872\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-01T19:52:25.548Z\", \"dateReserved\": \"2026-03-31T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2026-04-01T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2026:10498-1
Vulnerability from csaf_opensuse - Published: 2026-04-07 00:00 - Updated: 2026-04-07 00:00Summary
libeverest-3.6.6-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libeverest-3.6.6-1.1 on GA media
Description of the patch: These are all security issues fixed in the libeverest-3.6.6-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10498
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.7 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.1 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.8 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libeverest-3.6.6-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libeverest-3.6.6-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10498",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10498-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25834 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34871 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34872 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34873 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34874 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34875 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34876 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34877 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34877/"
}
],
"title": "libeverest-3.6.6-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-07T00:00:00Z",
"generator": {
"date": "2026-04-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10498-1",
"initial_release_date": "2026-04-07T00:00:00Z",
"revision_history": [
{
"date": "2026-04-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libeverest-3.6.6-1.1.aarch64",
"product": {
"name": "libeverest-3.6.6-1.1.aarch64",
"product_id": "libeverest-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"product": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"product_id": "libeverest-x86-64-v3-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-3.6.6-1.1.aarch64",
"product": {
"name": "libmbedcrypto16-3.6.6-1.1.aarch64",
"product_id": "libmbedcrypto16-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"product": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"product_id": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmbedtls21-3.6.6-1.1.aarch64",
"product": {
"name": "libmbedtls21-3.6.6-1.1.aarch64",
"product_id": "libmbedtls21-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"product": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"product_id": "libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-3.6.6-1.1.aarch64",
"product": {
"name": "libmbedx509-7-3.6.6-1.1.aarch64",
"product_id": "libmbedx509-7-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"product": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"product_id": "libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libp256m-3.6.6-1.1.aarch64",
"product": {
"name": "libp256m-3.6.6-1.1.aarch64",
"product_id": "libp256m-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"product": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"product_id": "libp256m-x86-64-v3-3.6.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mbedtls-devel-3.6.6-1.1.aarch64",
"product": {
"name": "mbedtls-devel-3.6.6-1.1.aarch64",
"product_id": "mbedtls-devel-3.6.6-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libeverest-3.6.6-1.1.ppc64le",
"product": {
"name": "libeverest-3.6.6-1.1.ppc64le",
"product_id": "libeverest-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"product": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"product_id": "libeverest-x86-64-v3-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-3.6.6-1.1.ppc64le",
"product": {
"name": "libmbedcrypto16-3.6.6-1.1.ppc64le",
"product_id": "libmbedcrypto16-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"product": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"product_id": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmbedtls21-3.6.6-1.1.ppc64le",
"product": {
"name": "libmbedtls21-3.6.6-1.1.ppc64le",
"product_id": "libmbedtls21-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"product": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"product_id": "libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-3.6.6-1.1.ppc64le",
"product": {
"name": "libmbedx509-7-3.6.6-1.1.ppc64le",
"product_id": "libmbedx509-7-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"product": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"product_id": "libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libp256m-3.6.6-1.1.ppc64le",
"product": {
"name": "libp256m-3.6.6-1.1.ppc64le",
"product_id": "libp256m-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"product": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"product_id": "libp256m-x86-64-v3-3.6.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mbedtls-devel-3.6.6-1.1.ppc64le",
"product": {
"name": "mbedtls-devel-3.6.6-1.1.ppc64le",
"product_id": "mbedtls-devel-3.6.6-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libeverest-3.6.6-1.1.s390x",
"product": {
"name": "libeverest-3.6.6-1.1.s390x",
"product_id": "libeverest-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libeverest-x86-64-v3-3.6.6-1.1.s390x",
"product": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.s390x",
"product_id": "libeverest-x86-64-v3-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-3.6.6-1.1.s390x",
"product": {
"name": "libmbedcrypto16-3.6.6-1.1.s390x",
"product_id": "libmbedcrypto16-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"product": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"product_id": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libmbedtls21-3.6.6-1.1.s390x",
"product": {
"name": "libmbedtls21-3.6.6-1.1.s390x",
"product_id": "libmbedtls21-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"product": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"product_id": "libmbedtls21-x86-64-v3-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-3.6.6-1.1.s390x",
"product": {
"name": "libmbedx509-7-3.6.6-1.1.s390x",
"product_id": "libmbedx509-7-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"product": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"product_id": "libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libp256m-3.6.6-1.1.s390x",
"product": {
"name": "libp256m-3.6.6-1.1.s390x",
"product_id": "libp256m-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libp256m-x86-64-v3-3.6.6-1.1.s390x",
"product": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.s390x",
"product_id": "libp256m-x86-64-v3-3.6.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mbedtls-devel-3.6.6-1.1.s390x",
"product": {
"name": "mbedtls-devel-3.6.6-1.1.s390x",
"product_id": "mbedtls-devel-3.6.6-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libeverest-3.6.6-1.1.x86_64",
"product": {
"name": "libeverest-3.6.6-1.1.x86_64",
"product_id": "libeverest-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"product": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"product_id": "libeverest-x86-64-v3-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-3.6.6-1.1.x86_64",
"product": {
"name": "libmbedcrypto16-3.6.6-1.1.x86_64",
"product_id": "libmbedcrypto16-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"product": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"product_id": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmbedtls21-3.6.6-1.1.x86_64",
"product": {
"name": "libmbedtls21-3.6.6-1.1.x86_64",
"product_id": "libmbedtls21-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"product": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"product_id": "libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-3.6.6-1.1.x86_64",
"product": {
"name": "libmbedx509-7-3.6.6-1.1.x86_64",
"product_id": "libmbedx509-7-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"product": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"product_id": "libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libp256m-3.6.6-1.1.x86_64",
"product": {
"name": "libp256m-3.6.6-1.1.x86_64",
"product_id": "libp256m-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"product": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"product_id": "libp256m-x86-64-v3-3.6.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mbedtls-devel-3.6.6-1.1.x86_64",
"product": {
"name": "mbedtls-devel-3.6.6-1.1.x86_64",
"product_id": "mbedtls-devel-3.6.6-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64"
},
"product_reference": "libeverest-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le"
},
"product_reference": "libeverest-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x"
},
"product_reference": "libeverest-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64"
},
"product_reference": "libeverest-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64"
},
"product_reference": "libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le"
},
"product_reference": "libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x"
},
"product_reference": "libeverest-x86-64-v3-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libeverest-x86-64-v3-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64"
},
"product_reference": "libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64"
},
"product_reference": "libmbedcrypto16-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le"
},
"product_reference": "libmbedcrypto16-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x"
},
"product_reference": "libmbedcrypto16-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64"
},
"product_reference": "libmbedcrypto16-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64"
},
"product_reference": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le"
},
"product_reference": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x"
},
"product_reference": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64"
},
"product_reference": "libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64"
},
"product_reference": "libmbedtls21-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le"
},
"product_reference": "libmbedtls21-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x"
},
"product_reference": "libmbedtls21-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64"
},
"product_reference": "libmbedtls21-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64"
},
"product_reference": "libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le"
},
"product_reference": "libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x"
},
"product_reference": "libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64"
},
"product_reference": "libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64"
},
"product_reference": "libmbedx509-7-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le"
},
"product_reference": "libmbedx509-7-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x"
},
"product_reference": "libmbedx509-7-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64"
},
"product_reference": "libmbedx509-7-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64"
},
"product_reference": "libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le"
},
"product_reference": "libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x"
},
"product_reference": "libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64"
},
"product_reference": "libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64"
},
"product_reference": "libp256m-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le"
},
"product_reference": "libp256m-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x"
},
"product_reference": "libp256m-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64"
},
"product_reference": "libp256m-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64"
},
"product_reference": "libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le"
},
"product_reference": "libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x"
},
"product_reference": "libp256m-x86-64-v3-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libp256m-x86-64-v3-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64"
},
"product_reference": "libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mbedtls-devel-3.6.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64"
},
"product_reference": "mbedtls-devel-3.6.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mbedtls-devel-3.6.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le"
},
"product_reference": "mbedtls-devel-3.6.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mbedtls-devel-3.6.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x"
},
"product_reference": "mbedtls-devel-3.6.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mbedtls-devel-3.6.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
},
"product_reference": "mbedtls-devel-3.6.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25833"
}
],
"notes": [
{
"category": "general",
"text": "Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25833",
"url": "https://www.suse.com/security/cve/CVE-2026-25833"
},
{
"category": "external",
"summary": "SUSE Bug 1261476 for CVE-2026-25833",
"url": "https://bugzilla.suse.com/1261476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-25833"
},
{
"cve": "CVE-2026-25834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25834"
}
],
"notes": [
{
"category": "general",
"text": "Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25834",
"url": "https://www.suse.com/security/cve/CVE-2026-25834"
},
{
"category": "external",
"summary": "SUSE Bug 1261477 for CVE-2026-25834",
"url": "https://bugzilla.suse.com/1261477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-25834"
},
{
"cve": "CVE-2026-25835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25835"
}
],
"notes": [
{
"category": "general",
"text": "Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25835",
"url": "https://www.suse.com/security/cve/CVE-2026-25835"
},
{
"category": "external",
"summary": "SUSE Bug 1261478 for CVE-2026-25835",
"url": "https://bugzilla.suse.com/1261478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-25835"
},
{
"cve": "CVE-2026-34871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34871"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34871",
"url": "https://www.suse.com/security/cve/CVE-2026-34871"
},
{
"category": "external",
"summary": "SUSE Bug 1261448 for CVE-2026-34871",
"url": "https://bugzilla.suse.com/1261448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-34871"
},
{
"cve": "CVE-2026-34872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34872"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34872",
"url": "https://www.suse.com/security/cve/CVE-2026-34872"
},
{
"category": "external",
"summary": "SUSE Bug 1261449 for CVE-2026-34872",
"url": "https://bugzilla.suse.com/1261449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2026-34872"
},
{
"cve": "CVE-2026-34873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34873"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34873",
"url": "https://www.suse.com/security/cve/CVE-2026-34873"
},
{
"category": "external",
"summary": "SUSE Bug 1261450 for CVE-2026-34873",
"url": "https://bugzilla.suse.com/1261450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2026-34873"
},
{
"cve": "CVE-2026-34874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34874"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34874",
"url": "https://www.suse.com/security/cve/CVE-2026-34874"
},
{
"category": "external",
"summary": "SUSE Bug 1261469 for CVE-2026-34874",
"url": "https://bugzilla.suse.com/1261469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-34874"
},
{
"cve": "CVE-2026-34875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34875"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34875",
"url": "https://www.suse.com/security/cve/CVE-2026-34875"
},
{
"category": "external",
"summary": "SUSE Bug 1261451 for CVE-2026-34875",
"url": "https://bugzilla.suse.com/1261451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2026-34875"
},
{
"cve": "CVE-2026-34876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34876"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtls_ccm_finish() in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized tag_len parameter. This is caused by missing validation of the tag_len parameter against the size of the internal 16-byte authentication buffer. The issue affects the public multipart CCM API in Mbed TLS 3.x, where mbedtls_ccm_finish() can be invoked directly by applications. In Mbed TLS 4.x versions prior to the fix, the same missing validation exists in the internal implementation; however, the function is not exposed as part of the public API. Exploitation requires application-level invocation of the multipart CCM API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34876",
"url": "https://www.suse.com/security/cve/CVE-2026-34876"
},
{
"category": "external",
"summary": "SUSE Bug 1261452 for CVE-2026-34876",
"url": "https://bugzilla.suse.com/1261452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-34876"
},
{
"cve": "CVE-2026-34877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34877"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code execution. This is caused by Incorrect Use of Privileged APIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34877",
"url": "https://www.suse.com/security/cve/CVE-2026-34877"
},
{
"category": "external",
"summary": "SUSE Bug 1261457 for CVE-2026-34877",
"url": "https://bugzilla.suse.com/1261457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libeverest-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedcrypto16-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedtls21-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libmbedx509-7-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:libp256m-x86-64-v3-3.6.6-1.1.x86_64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.aarch64",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.ppc64le",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.s390x",
"openSUSE Tumbleweed:mbedtls-devel-3.6.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2026-34877"
}
]
}
GHSA-347R-37HJ-5JC9
Vulnerability from github – Published: 2026-04-01 21:30 – Updated: 2026-04-01 21:30
VLAI?
Details
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).
Severity ?
9.1 (Critical)
{
"affected": [],
"aliases": [
"CVE-2026-34872"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-01T20:16:27Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).",
"id": "GHSA-347r-37hj-5jc9",
"modified": "2026-04-01T21:30:31Z",
"published": "2026-04-01T21:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34872"
},
{
"type": "WEB",
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories"
},
{
"type": "WEB",
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-ffdh-peerkey-checks"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2026-34872
Vulnerability from fkie_nvd - Published: 2026-04-01 20:16 - Updated: 2026-04-03 20:02
Severity ?
Summary
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://mbed-tls.readthedocs.io/en/latest/security-advisories/ | Vendor Advisory | |
| cve@mitre.org | https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-ffdh-peerkey-checks/ | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | mbed_tls | * | |
| arm | tf-psa-crypto | 1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FBFC2E-329D-4274-A952-2D43378B83BD",
"versionEndExcluding": "3.6.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arm:tf-psa-crypto:1.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "874FFF30-23C9-453A-8E82-037AD3F12345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle)."
}
],
"id": "CVE-2026-34872",
"lastModified": "2026-04-03T20:02:33.790",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-04-01T20:16:27.493",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-ffdh-peerkey-checks/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…