CVE-2023-52353

Published: 2024-01-21T23:15Z

Last Modified: 2024-11-21T08:39Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt