CVE-2026-41681 rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVPDigestFinal always writes EVPMDCTXsizectx to the out buffer. If out is smaller than that, MdCtxRef::digestfinal writes past its end, usually corrupting the stack. This is reachable from sa...

CVE-2022-3721

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39...

GHSA-H95W-P3X6-WWJ6 Froxlor vulnerable to Code Injection

Froxlor prior to version 0.10.39 is vulnerable to Code Injection...

Code injection

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39...

CVE-2022-3721 Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39...

CVE-2022-3721

CVE-2022-3721 : Froxlor prior to version 0.10.39 contains a reported Code Injection vulnerability. Public sources describe impact as code execution paths arising from injection in Froxlor/froxlor, with remediation advising upgrade to 0.10.39 or later. Administrative impact is consistent with code...

Froxlor 跨站脚本漏洞

Froxlor is a lightweight server management software from the Froxlor team. A cross-site scripting vulnerability exists in versions of Froxlor prior to 0.10.39 that stems from command injection...

PT-2022-23878 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: Froxlor versions prior to 0.10.39 Description: The issue concerns a Code Injection problem. It is reported that Froxlor is vulnerable to this issue. Recommendations: For versions prior to 0.10.39, update to version 0.10.39 or later to resolve...