Currently we use the version 2.6.0 of mbedTLS in our embedded system. We need to keep track of possible vulnerabilities in all of our libraries, so we need to list CPE (Common Platform Enumerations) IDs for all of them. This is important to know related CVE (Common Vulnerabilities and Exposures).
For mbedTLS I could found two different IDs for v2.6.0:
Does anybody know the difference between these two?
Thanks in advance.