Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo

openssl

cargo

OpenSSL bindings

View on github.com · View on crates.io

Security Advisories for openssl in cargo

Moderate
16 days ago

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers GSA_kwCzR0hTQS1waHFqLTRtaHAtcTZtcc4ABXHk

cargo openssl
Moderate
28 days ago

rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding GSA_kwCzR0hTQS14djU5LTk2N3ItODcyNs4ABWaP

cargo openssl
High
30 days ago

rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs GSA_kwCzR0hTQS14cDN3LXI1cDUtNjNycs4ABWNq

cargo openssl
High
about 1 month ago

rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1 GSA_kwCzR0hTQS1wcWY1LTRwcXEtMjlmNc4ABVqB

cargo openssl
Low
about 1 month ago

rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length GSA_kwCzR0hTQS14bWdmLWhxNzYtNHZ4Ms4ABVqA

cargo openssl
High
about 1 month ago

rust-openssl has incorrect bounds assertion in aes key wrap GSA_kwCzR0hTQS04Yzc1LThtaHItcDdyOc4ABVp_

cargo openssl
High
about 1 month ago

rust-openssl: rustMdCtxRef::digest_final() writes past caller buffer with no length check GSA_kwCzR0hTQS1naG05LWNyMzItZzlxas4ABVp-

cargo openssl
High
about 1 month ago

rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer GSA_kwCzR0hTQS1ocHBjLWc4aDMteGhwM84ABVp9

cargo openssl
Moderate
about 1 year ago

rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` GSA_kwCzR0hTQS00ZmN2LXczcWMtcHBnZ84ABGdN

cargo openssl
Moderate
over 1 year ago

rust-openssl ssl::select_next_proto use after free GSA_kwCzR0hTQS1ycG1qLXJwZ2otcW1wbc4ABEGF

cargo openssl
Moderate
almost 2 years ago

openssl's `MemBio::get_buf` has undefined behavior with empty buffers GSA_kwCzR0hTQS1xNDQ1LTdtMjMtcXJtd84AA-FM

cargo openssl
Moderate
over 2 years ago

`openssl` `X509StoreRef::objects` is unsound GSA_kwCzR0hTQS14cGhmLWN4OGgtN3E5Z84AA3Zx

cargo openssl
Moderate
almost 3 years ago

`openssl` `X509VerifyParamRef::set_host` buffer over-read GSA_kwCzR0hTQS14Y2Y3LXJ2bWgtZzZxNM4AAz-d

cargo openssl
Moderate
about 3 years ago

`openssl` `X509NameBuilder::build` returned object is not thread safe GSA_kwCzR0hTQS0zZ3hmLTlyNTgtMmdoZ84AAyUL

cargo openssl
High
about 3 years ago

`openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read GSA_kwCzR0hTQS05cXdnLWNyZzktbTJ2Y84AAyUK

cargo openssl
High
about 3 years ago

`openssl` `X509Extension::new` and `X509Extension::new_nid` null pointer dereference GSA_kwCzR0hTQS02aGNmLWc2Z3ItaGhjcs4AAyUJ

cargo openssl
Critical
almost 5 years ago

Use after free in openssl MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhqeGMtdmZ3Mi1jZzk2

cargo openssl
High
almost 5 years ago

Improper Certificate Validation in openssl MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM0cDktZjRxMy1jNHI3

cargo openssl

Filter by Severity

Moderate 8 High 8 Low 1 Critical 1