Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-42029

CipherCtxRef::cipher update inplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVP aes 128,192,256 wrap pad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corrupti...

5.1CVSS5.8AI score0.00019EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 9:16 p.m.10 views

CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

rust-openssl 安全漏洞

rust-openssl is an open-source library designed for interacting with the OpenSSL library. There were security vulnerabilities in the version of rust-openssl from 0.10.0 to 0.10.79. These vulnerabilities stemmed from incorrect calculations of the output buffer size when using AES key wrap padding,...

5.1CVSS5.9AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2026/05/07 10:33 p.m.6 views

GHSA-XV59-967R-8726 rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding

CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...

5.1CVSS5.9AI score0.00172EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/07 10:33 p.m.10 views

rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding

CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...

5.1CVSS5.9AI score0.00172EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.11 views

PT-2026-38626

Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.10.0 through 0.10.78 Description Incorrect output buffer sizing occurs when using AES key-wrap-with-padding ciphers EVP aes 128,192,256 wrap pad. For inputs that are not a multiple of 8, OpenSSL may write up to 7 bytes...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References5
Rows per page
Query Builder