CVE-2025-48965 – Mbed TLS NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-48965

Published : July 20, 2025, 6:15 p.m. | 38 minutes ago

Description : Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.

Severity: 4.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…