CRITICAL9.8CVE-2026-41676rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1 from 0
CRITICAL9.8CVE-2026-41678rust-openssl has incorrect bounds assertion in aes key wrap from 0
CRITICAL9.8CVE-2026-41681rust-openssl: rustMdCtxRef::digest_final() writes past caller buffer with no length check from 0
CRITICAL9.8rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
from 0
CRITICAL9.1rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length
from 0
MEDIUM4.5`openssl` `X509VerifyParamRef::set_host` buffer over-read
from 0
LOW3.7A flaw was found in OpenSSL's handling of the properties argument in certain functions.
from 0
—rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding
from 0
—rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs
from 0
—ssl::select_next_proto use after free
from 0, < 0.10.29-1+deb11u1
—ssl::select_next_proto use after free
from 0, < 0.10.29-1+deb11u1
—A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a…
from 0