CRITICAL 9.8 CVE-2026-41676 rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
>= 0.9.27, < 0.10.78
CRITICAL 9.8 CVE-2026-41678 rust-openssl has incorrect bounds assertion in AES key wrap
>= 0.10.24, < 0.10.78
CRITICAL 9.8 CVE-2026-41681 rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check
>= 0.10.39, < 0.10.78
CRITICAL 9.8 rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
>= 0.9.24, < 0.10.78
CRITICAL 9.8 Use after free in CMS Signing
>= 0.10.8, < 0.10.9
CRITICAL 9.1 rust-openssl has an out-of-bounds read in PEM password callback when returning an oversized length
>= 0.9.0, < 0.10.78
HIGH 8.1 SSL/TLS MitM vulnerability due to insecure defaults
>= 0.0.0-0, < 0.9.0
HIGH 8.1 SSL/TLS MitM vulnerability due to insecure defaults
from 0, < 0.9.0
MEDIUM 4.5 `openssl` `X509VerifyParamRef::set_host` buffer over-read
>= 0.10.0, < 0.10.55
MEDIUM 4.5 `openssl` `X509VerifyParamRef::set_host` buffer over-read
>= 0.0.0-0, < 0.10.55
— rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers
>= 0.10.50, < 0.10.80
— rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding
>= 0.10.0, < 0.10.79
— rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs
>= 0.9.7, < 0.10.79
— ssl::select_next_proto use after free
>= 0.10.0, < 0.10.70
— ssl::select_next_proto use after free
>= 0.0.0-0, < 0.10.70