CVE-2024-28755 | mbed TLS up to 3.5.x API mbedtls_ssl_session_reset inadequate encryption
A vulnerability categorized as problematic has been discovered in mbed TLS up to 3.5.x. The affected element is the function mbedtls_ssl_session_reset of the component API. Executing a manipulation can lead to inadequate encryption strength.
This vulnerability appears as CVE-2024-28755. The attack may be performed from remote. There is no available exploit.
It is advisable to upgrade the affected component.