Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
rootio-mbedtls: Malicious Certificate Can Bypass Security Checks
ROOT-OS-DEBIAN-12-CVE-2025-47917
Summary
A security patch has been released for the rootio-mbedtls package in Root:Debian:12. This patch addresses a vulnerability that could allow a malicious certificate to bypass security checks. Root users should update their software to the latest fixed version to stay protected.
What to do
- Update rootio-mbedtls to version 2.28.3-1.root.io.13.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:Debian:12 | – | rootio-mbedtls |
< 2.28.3-1.root.io.13 Fix: upgrade to 2.28.3-1.root.io.13
|
Original title
CVE-2025-47917 in rootio-mbedtls - Patched by Root
Original description
Root has patched CVE-2025-47917 in the rootio-mbedtls package for Root:Debian:12. Multiple fixed versions available.
osv CVSS3.1
9.8
Published: 5 May 2026 · Updated: 5 May 2026 · First seen: 5 May 2026