Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2026/07/03 3:16 a.m.8 views

SUSE CVE-2026-41676

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

6.5CVSS6AI score0.00298EPSS
Exploits0References13
NVD
NVD
added 2026/04/24 6:16 p.m.5 views

CVE-2026-41676

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.8CVSS0.00298EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 5:19 p.m.2 views

CVE-2026-41681 rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVPDigestFinal always writes EVPMDCTXsizectx to the out buffer. If out is smaller than that, MdCtxRef::digestfinal writes past its end, usually corrupting the stack. This is reachable from sa...

9.3CVSS5.9AI score0.00373EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/24 5:19 p.m.5 views

CVE-2026-41681 rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVPDigestFinal always writes EVPMDCTXsizectx to the out buffer. If out is smaller than that, MdCtxRef::digestfinal writes past its end, usually corrupting the stack. This is reachable from sa...

9.3CVSS5.2AI score0.00373EPSS
Exploits0References4
CVE
CVE
added 2026/04/24 5:19 p.m.39 views

CVE-2026-41681

CVE-2026-41681 affects rust-openssl OpenSSL bindings. From 0.10.39 through before 0.10.78, EVP_DigestFinal() writes EVP_MD_CTX_size(ctx) to the output buffer. If the destination is smaller, MdCtxRef::digest_final() writes past the end, usually corrupting the stack, and this is reachable from safe...

9.8CVSS5.2AI score0.00373EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/24 5:18 p.m.9 views

EUVD-2026-25584

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

9.2CVSS5.5AI score0.00294EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/24 5:18 p.m.3 views

CVE-2026-41678

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

9.2CVSS5.6AI score0.00294EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/24 5:17 p.m.4 views

CVE-2026-41677

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the frompemcallback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of...

6.3CVSS5.6AI score0.00294EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/24 5:17 p.m.42 views

CVE-2026-41677

CVE-2026-41677 affects the rust-openssl bindings for Rust. From 0.9.0 up to before 0.10.78, the *_from_pem_callback APIs did not validate the length returned by the user’s callback, allowing a password callback that returns more data than the destination buffer to cause an over-read in some OpenS...

9.1CVSS5.5AI score0.00294EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/04/24 5:16 p.m.1 views

CVE-2026-41676 rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.2CVSS6AI score0.00298EPSS
Exploits0References3
Rows per page
Query Builder