Lucene search
K

4 matches found

OSV
OSV
added 2026/04/22 9:17 p.m.6 views

GHSA-8C75-8MHR-P7R9 rust-openssl has incorrect bounds assertion in aes key wrap

Summary aes::unwrapkey has an incorrect bounds assertion on the out buffer size, which can lead to out-of-bounds write. Details aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the...

9.2CVSS6AI score0.00294EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2022/06/16 11:51 p.m.4 views

aes-keywrap-rs (>=0.1.0 <=0.2.0), shadowsocks (>=1.10.0 <=1.12.3) +1 more potentially affected by CVE-2021-45709 via crypto2 (=0.1.2)

crypto2 CARGO version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on crypto2 and may be impacted: - aes-keywrap-rs =0.1.0, =1.10.0, =0.1.0, =0.2.5 Source cves: CVE-2021-45709 Source advisory: OSV:GHSA-PMCV-MGCF-RVXG...

9.8CVSS7.2AI score0.00753EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/01/06 10:4 p.m.4 views

aes-keywrap-rs (>=0.1.0 <=0.2.0), shadowsocks (>=1.10.0 <=1.12.3) +1 more potentially affected by CVE-2021-45709 via crypto2 (=0.1.2)

crypto2 CARGO version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on crypto2 and may be impacted: - aes-keywrap-rs =0.1.0, =1.10.0, =0.1.0, =0.2.5 Source cves: CVE-2021-45709 Source advisory: OSV:GHSA-9HFG-PXR6-Q4VP...

9.8CVSS7.2AI score0.00753EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/10/08 12:0 p.m.3 views

aes-keywrap-rs (>=0.1.0 <=0.2.0), shadowsocks (>=1.10.0 <=1.12.3) +1 more potentially affected by CVE-2021-45709 via crypto2 (=0.1.2)

crypto2 CARGO version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on crypto2 and may be impacted: - aes-keywrap-rs =0.1.0, =1.10.0, =0.1.0, =0.2.5 Source cves: CVE-2021-45709 Source advisory: OSV:RUSTSEC-2021-0121...

9.8CVSS7.2AI score0.00753EPSS
Exploits0
Rows per page
Query Builder