{"id":"CVE-2018-19608","details":"Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.","modified":"2026-04-16T06:15:53.606065620Z","published":"2018-12-05T22:29:00.490Z","related":["openSUSE-SU-2024:11043-1"],"references":[{"type":"ADVISORY","url":"http://cat.eyalro.net/"},{"type":"ADVISORY","url":"https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released"},{"type":"ADVISORY","url":"https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/armmbed/mbedtls","events":[{"introduced":"0a0c22e0efcf2f8f71d7e16712f80b8f77326f72"},{"fixed":"85a5bbc24a9311431c665eaa02f5dee09689fa37"},{"introduced":"32605dc83042d737e715a685e53176388d73540e"},{"fixed":"2297157dd6236e4a5c2f46c84c401599ef639cf5"},{"introduced":"556d7d9e3b09157555310466a47e25a9ebfd8f4e"},{"fixed":"60fbd5bdf05c223b641677204469b53c2ff39d4e"}],"database_specific":{"versions":[{"introduced":"2.1.0"},{"fixed":"2.1.17"},{"introduced":"2.7.0"},{"fixed":"2.7.8"},{"introduced":"2.14.0"},{"fixed":"2.14.1"}]}}],"versions":["mbedtls-2.1.0","mbedtls-2.1.1","mbedtls-2.1.10","mbedtls-2.1.11","mbedtls-2.1.11-rc1","mbedtls-2.1.12","mbedtls-2.1.13","mbedtls-2.1.14","mbedtls-2.1.15","mbedtls-2.1.16","mbedtls-2.1.2","mbedtls-2.1.3","mbedtls-2.1.4","mbedtls-2.1.5","mbedtls-2.1.6","mbedtls-2.1.8","mbedtls-2.1.9","mbedtls-2.1.9-rc1","mbedtls-2.14.0","mbedtls-2.7.0","mbedtls-2.7.1","mbedtls-2.7.2","mbedtls-2.7.2-rc1","mbedtls-2.7.3","mbedtls-2.7.4","mbedtls-2.7.5","mbedtls-2.7.6","mbedtls-2.7.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19608.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}