Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo openssl-src Security Advisories

High

GSA_kwCzR0hTQS0zd3g3LTQ2Y2gtN3JxMs4AAtH0

AES OCB fails to encrypt some bytes
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 11 months ago

High

GSA_kwCzR0hTQS12cjhqLWhnbW0tamg5cs4AAwTC

openssl-src subject to DoS by double-checked locking
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 6 months ago

High

GSA_kwCzR0hTQS1oOGptLTJ4NTMteGhwNc4AAvn1

X.509 Email Address Variable Length Buffer Overflow
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 7 months ago

Critical

GSA_kwCzR0hTQS03MzVmLXBnNzYtZnhjNM4AAtFu

openssl-src 300.0.8 heap memory corruption with RSA private key operation
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS02MzhtLW04bWgtN2d3Ms3dRQ

Incorrect MAC key used in the RC4-MD5 ciphersuite
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: about 1 year ago

Critical

GSA_kwCzR0hTQS04cndyLXgzN3AtbXgyM84AAvn2

X.509 Email Address 4-byte Buffer Overflow
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 7 months ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpxNjUtMjl2NC00eDM1

Null pointer deference in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: almost 2 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnbTYtOTQ3Mi1wd3E3

Integer Overflow in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: almost 2 years ago

Critical

GSA_kwCzR0hTQS01d3c2LXB4NDItd2M4Nc4AApqI

SM2 Decryption Buffer Overflow
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: about 1 year ago

High

GSA_kwCzR0hTQS0yOXh4LWhjdjItYzRjcM4AAxfr

openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functions
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 4 months ago

High

GSA_kwCzR0hTQS12eHJoLWNwZzctOHZqcs4AAxfp

openssl-src subject to NULL dereference validating DSA public key
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 4 months ago

High

GSA_kwCzR0hTQS14NHFyLTJmdmYtM21yNc4AAxfn

Vulnerable OpenSSL included in cryptography wheels
Ecosystems: cargo, pypi
Packages: openssl-src, cryptography
Source: GitHub Advisory Database
Published: 4 months ago

High

GSA_kwCzR0hTQS00ZjYzLTg5dzktM2pqds4AAvPY

Using a Custom Cipher with `NID_undef` may lead to NULL encryption
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS1tZm02LXI5ZzItcTRyN83dTg

`OCSP_basic_verify` may incorrectly verify the response signing certificate
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: about 1 year ago

High

GSA_kwCzR0hTQS1nMzIzLWZyOTMtNGozY83dRw

Resource leakage when decoding certificates and keys
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: about 1 year ago

High

GSA_kwCzR0hTQS1tbWpmLWY1anctdzcycc0bZA

Invalid handling of `X509_verify_cert()` internal errors in libssl
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: over 1 year ago

High

GSA_kwCzR0hTQS1yN2p3LXdwNjgtM3hjaM4AAxft

openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 4 months ago

High

GSA_kwCzR0hTQS12cmg3LXg2NHYtN3Z4cc4AAxfo

openssl-src contains `NULL` dereference during PKCS7 data verification
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 4 months ago

High

GSA_kwCzR0hTQS12NXc2LXdjbTgtam00cc4AAxfq

openssl-src contains Double free after calling `PEM_read_bio_ex`
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 4 months ago

Critical

GSA_kwCzR0hTQS13Njd3LW13NGotOHFyds4AAxfs

openssl-src contains Read Buffer Overflow in X.509 Name Constraint
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 4 months ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzbXgtNTczeC01cnc5

Null pointer deference in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: almost 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0cm0tcWYzNy1mZ2My

Integer Overflow in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: almost 2 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoZmoteHJqMi1wbTIy

Certificate check bypass in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: almost 2 years ago

High

GSA_kwCzR0hTQS14M21oLWp2anctM3h3eM0zKw

openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: about 1 year ago

Moderate

GSA_kwCzR0hTQS1wNTJnLWNtNWotbWp2NM4AAxfu

openssl-src subject to Timing Oracle in RSA Decryption
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: 4 months ago

High

GSA_kwCzR0hTQS1xOXdqLWY0cXctNnZmas4AApp0

Read buffer overruns processing ASN.1 strings
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Published: about 1 year ago

Filter by Severity

Moderate 5,145 High 4,556 Critical 2,099 Low 676

Filter by Ecosystem

maven 3,859 npm 3,126 pypi 2,605 packagist 1,696 go 1,243 nuget 939 rubygems 711 cargo 640 hex 21 actions 10 pub 5

Filter by Package