2 matches found
EUVD-2026-25582
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
PT-2026-34619
Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.9.27 through 0.10.77 Description An issue exists where Deriver::derive and PkeyCtxRef::derive set the len variable to buf.len and pass it as the in/out length to EVP PKEY derive. When using OpenSSL 1.1.x, the X25519,...