Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo openssl-src Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1wNTJnLWNtNWotbWp2NM4AAxfu
openssl-src subject to Timing Oracle in RSA Decryption
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1yN2p3LXdwNjgtM3hjaM4AAxft
openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS13Njd3LW13NGotOHFyds4AAxfs
openssl-src contains Read Buffer Overflow in X.509 Name Constraint
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: over 1 year ago
High
GSA_kwCzR0hTQS0yOXh4LWhjdjItYzRjcM4AAxfr
openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functions
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS12NXc2LXdjbTgtam00cc4AAxfq
openssl-src contains Double free after calling `PEM_read_bio_ex`
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS12eHJoLWNwZzctOHZqcs4AAxfp
openssl-src subject to NULL dereference validating DSA public key
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS12cmg3LXg2NHYtN3Z4cc4AAxfo
openssl-src contains `NULL` dereference during PKCS7 data verification
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS14NHFyLTJmdmYtM21yNc4AAxfn
Vulnerable OpenSSL included in cryptography wheels
Ecosystems: cargo, pypi
Packages: openssl-src, cryptography
Source: GitHub Advisory Database
Blast Radius: 64.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS12cjhqLWhnbW0tamg5cs4AAwTC
openssl-src subject to DoS by double-checked locking
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS04cndyLXgzN3AtbXgyM84AAvn2
X.509 Email Address 4-byte Buffer Overflow
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oOGptLTJ4NTMteGhwNc4AAvn1
X.509 Email Address Variable Length Buffer Overflow
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS00ZjYzLTg5dzktM2pqds4AAvPY
Using a Custom Cipher with `NID_undef` may lead to NULL encryption
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zd3g3LTQ2Y2gtN3JxMs4AAtH0
AES OCB fails to encrypt some bytes
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS03MzVmLXBnNzYtZnhjNM4AAtFu
openssl-src heap memory corruption with RSA private key operation
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS01d3c2LXB4NDItd2M4Nc4AApqI
SM2 Decryption Buffer Overflow
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS1xOXdqLWY0cXctNnZmas4AApp0
Read buffer overruns processing ASN.1 strings
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tZm02LXI5ZzItcTRyN83dTg
`OCSP_basic_verify` may incorrectly verify the response signing certificate
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02MzhtLW04bWgtN2d3Ms3dRQ
Incorrect MAC key used in the RC4-MD5 ciphersuite
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nMzIzLWZyOTMtNGozY83dRw
Resource leakage when decoding certificates and keys
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: about 2 years ago
High
GSA_kwCzR0hTQS14M21oLWp2anctM3h3eM0zKw
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 2 years ago
High
GSA_kwCzR0hTQS1tbWpmLWY1anctdzcycc0bZA
Invalid handling of `X509_verify_cert()` internal errors in libssl
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzbXgtNTczeC01cnc5
openssl-src NULL pointer Dereference in signature_algorithms processing
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoZmoteHJqMi1wbTIy
Certificate check bypass in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0cm0tcWYzNy1mZ2My
Integer Overflow in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnbTYtOTQ3Mi1wd3E3
Integer Overflow in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpxNjUtMjl2NC00eDM1
Null pointer deference in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: almost 3 years ago
Statistics
Advisories: 19,517
Packages: 8,615
Repositories: 6
Ecosystems: 12
Filter by Package
openssl-src 26 ckb 22 rusqlite 16 wasmtime 16 deno 13 surrealdb 9 hyper 7 libpulse-binding 7 openssl 7 smallvec 6 Simple-Wayland-HotKey-Daemon 6 cranelift-codegen 6 sized-chunks 6 bottlerocket/update-operator 5 lock_api 5 comrak 5 xcb 5 tauri 5 frontier 5 cargo 5 messagepack-rs 5 deno_runtime 4 apollo-router 4 evm 4 tremor-script 4 tokio 4 raw-cpuid 4 pleaser 4 actix-web 4 ursa 3 anoncreds-clsignatures 3 s2n-quic 3 nanorand 3 slice-deque 3 crossbeam-channel 3 arrow 3 grin 3 apache-avro 3 h2 3 arr 3 ntpd 3 routinator 3 crossbeam 3 id-map 3 solana_rbpf 3 ammonia 3 cgc 3 gix 3 tough 3 acc_reader 3 quiche 3 gitoxide 3 flatbuffers 3 fltk 3 tar 2 bite 2 abi_stable 2 binjs_io 2 vm-memory 2 http 2 phonenumber 2 derive-com-impl 2 Deno 2 internment 2 parc 2 opcua 2 v9 2 inventory 2 gfx-auxil 2 futures-util 2 lru 2 libp2p-core 2 metrics-util 2 memoffset 2 ordnung 2 vodozemac 2 multiqueue 2 reorder 2 vec-const 2 rocket 2 libgit2-sys 2 failure 2 streebog 2 bumpalo 2 arti 2 rust-embed 2 tor-circmgr 2 ozone 2 rdiff 2 crayon 2 cache 2 rulex 2 buffoon 2 bronzedb-protocol 2 rsa 2 traitobject 2 ticketed_lock 2 csv-sniffer 2 arenavec 2 gix-index 2 gitoxide-core 2 gix-worktree 2 gix-worktree-state 2 hyper-staticfile 2 russh 2 wasm3 2 pywasm3 2 simple-slab 2 mopa 2 tiny_future 2 signal-simple 2 flumedb 2 syncpool 2 array-macro 2 actix-http 2 crypto2 2 nano-id 2 oqs 2 generator 2 libsecp256k1 2 evm-core 2 mio 2 slack-morphism 2 sha2 2 async-h1 2 slock 2 simple_asn1 2 coreos-installer 2 toodee 2 futures-task 2 tectonic_xdv 2 sequoia-openpgp 2 ash 2 image 2 columnar 2 gix-transport 2 ncurses 2 spin 2 zerocopy 2 matrix-sdk-crypto 2 tower-http 2 lettre 2 trust-dns-server 2 nix 2 stack_dst 2 svix 2 molecule 2 net2 2 pnet 2 abomonation 2 sodiumoxide 2 rand_core 2 string-interner 1 magick.net-q16-anycpu 1 totp-rs 1 magick.net-q16-hdri-anycpu 1 magick.net-q16-x64 1 libdav1d-sys 1 webp 1 Pillow 1 github.com/chai2010/webp 1 endian_trait 1 xml-rs 1 SkiaSharp 1 electron 1 libwebp-sys 1 libwebp-sys2 1 parse_duration 1 actix-utils 1 better-macro 1 protobuf 1 noise_search 1 scratchpad 1 model 1 serde_yaml 1 rmp-serde 1 self_cell 1 pancurses 1 beef 1 safe-transmute 1 async-coap 1 bigint 1 stack 1 serde_v8 1 spin-sdk 1 vmm-sys-util 1 magick.net-q8-x64 1 magick.net-q8-openmp-x64 1 magick.net-q8-anycpu 1 lz4-sys 1 linked_list_allocator 1 serde-json-wasm 1 glsl-layout 1 aes-gcm 1 odoh-rs 1 wasmi 1 ed25519-dalek 1 @tauri-apps/cli 1 tauri-cli 1 rustls-webpki 1