Lucene search
K

11 matches found

OSV
OSV
added 2026/05/19 7:50 p.m.7 views

GHSA-PHQJ-4MHP-Q6MQ rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

5.1CVSS5.8AI score0.00019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-42029

CipherCtxRef::cipher update inplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVP aes 128,192,256 wrap pad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corrupti...

5.1CVSS5.8AI score0.00019EPSS
Exploits0References3
NVD
NVD
added 2026/05/14 9:16 p.m.8 views

CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS0.00172EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 8:18 p.m.21 views

CVE-2026-44662

CVE-2026-44662 affects rust-openssl bindings (Rust) from 0.10.0 up to 0.10.79. CipherCtxRef::cipher_update, CipherCtxRef::cipher_update_vec, and symm::Crypter::update mis-sized outputs when used with AES key-wrap-with-padding ciphers (EVP_aes_{128,192,256}_wrap_pad). For non-multiple-of-8 input, ...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 8:18 p.m.33 views

CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/24 5:18 p.m.8 views

CVE-2026-41678 rust-openssl: Incorrect bounds assertion in aes key wrap

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

9.2CVSS5.5AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 5:18 p.m.21 views

CVE-2026-41678

CVE-2026-41678 affects rust-openssl bindings. The aes::unwrap_key() function contains an inverted assertion (out.len() + 8 = in_.len() - 8, allowing potential out-of-bounds writes when buffers are smaller than required. This vulnerability is limited to versions before 0.10.78; 0.10.78 fixes the i...

9.8CVSS5.5AI score0.00294EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/24 5:18 p.m.35 views

CVE-2026-41678 rust-openssl: Incorrect bounds assertion in aes key wrap

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

9.2CVSS0.00294EPSS
Exploits0References1
OSV
OSV
added 2026/02/06 3:57 p.m.6 views

OESA-2026-1320 opencryptoki security update

openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

6.8CVSS6.2AI score0.00237EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/01/15 12:23 a.m.4 views

SUSE CVE-2026-22791

openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

6.1CVSS7AI score0.00237EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/14 4:1 p.m.5 views

CVE-2026-22791

A flaw was found in openCryptoki, a library for cryptographic operations. A local attacker can exploit a heap buffer overflow vulnerability within the CKMECDHAESKEYWRAP implementation. By providing a compressed Elliptic Curve EC public key and invoking the CWrapKey function, the attacker can...

6.6CVSS5.2AI score0.00237EPSS
Exploits1References6
Rows per page
Query Builder