Fedora: Security Advisory (FEDORA-2024-6bcc5bbd5f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-41e6e2fc74)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-0d14d0d2f9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-35875

An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...

CVE-2019-15541

rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...

surf is unmaintained

The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...

RUSTSEC-2025-0036 surf is unmaintained

The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...

PT-2025-21911 · Crates.Io · Surf

The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...

Security Bulletin: IBM DataPower Gateway vulnerable to denial of service due to rustls

Summary Rustls is used in gateway peering Vulnerability Details CVEID:CVE-2024-11738 DESCRIPTION: A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message. CWE:CWE-248: Uncaught Exception CVSS Source:...

curl: Buffer Overflow in curl's Rustls Backend

Summary: summary of the vulnerability A buffer overflow vulnerability exists in the curl library's Rustls backend due to an integer overflow in the dynamic buffer management. This issue could potentially allow an attacker to overwrite memory, leading to application crashes or, in theory, arbitrar...

Linux Distros Unpatched Vulnerability : CVE-2024-32650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a...

GHSA-X3QX-M3C2-QFHX vulnerabilities

Vulnerabilities for packages: curl, curl-rustls...

GHSA-7XW9-W465-6X42 vulnerabilities

Vulnerabilities for packages: curl, curl-rustls...

GHSA-7XW9-W465-6X42 vulnerabilities

Vulnerabilities for packages: curl, curl-rustls...

*ring* is unmaintained

The author has announced an indefinite hiatus in its development, noting that any reported security vulnerabilities may go unaddressed for prolonged periods of time. Update: security maintenance only After this advisory was published, the author graciously agreed to give access to the rustls team...

PT-2025-7652 · Ring · Ring

Name of the Vulnerable Software and Affected Versions: ring affected versions not specified Description: The development of the ring software has been put on indefinite hiatus, which may result in reported security issues going unaddressed for extended periods. However, the rustls team has agreed...

Fedora: Security Advisory (FEDORA-2024-5a5f401785)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: rust-rustls-0.23.19-1.fc41

Rustls is a modern TLS library written in Rust...

[SECURITY] Fedora 40 Update: rust-rustls-0.23.19-1.fc40

Rustls is a modern TLS library written in Rust...

Fedora 41 : rust-rustls (2024-0d14d0d2f9)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-0d14d0d2f9 advisory. Update to version 0.23.19. This version includes fix for RUSTSEC-2024-0399. Tenable has extracted the preceding description block directly from the Fedora...