CVE-2025-47917 | Mbed TLS up to 3.6.3 mbedtls_x509_string_to_names head use after free (EUVD-2025-22035)

A vulnerability was found in Mbed TLS up to 3.6.3. It has been declared as critical. Affected by this vulnerability is the function mbedtls_x509_string_to_names. The manipulation of the argument head leads to use after free.

This vulnerability is known as CVE-2025-47917. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More