2920 matches found
DEBIAN-CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
UBUNTU-CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
EUVD-2026-30482
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662
CVE-2026-44662 affects rust-openssl bindings (Rust) from 0.10.0 up to 0.10.79. CipherCtxRef::cipher_update, CipherCtxRef::cipher_update_vec, and symm::Crypter::update mis-sized outputs when used with AES key-wrap-with-padding ciphers (EVP_aes_{128,192,256}_wrap_pad). For non-multiple-of-8 input, ...
rust-openssl 安全漏洞
rust-openssl is an open-source library designed for interacting with the OpenSSL library. There were security vulnerabilities in the version of rust-openssl from 0.10.0 to 0.10.79. These vulnerabilities stemmed from incorrect calculations of the output buffer size when using AES key wrap padding,...
SUSE CVE-2026-45191
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190...
EUVD-2026-28999
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190...
ALPINE-CVE-2026-45191
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190...
CVE-2026-45191
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190...
PT-2026-39539
Name of the Vulnerable Software and Affected Versions Net::CIDR::Lite versions prior to 0.24 Description Improper validation of CIDR mask values allows extraneous zero characters to be processed. Mask forms such as "/00" and "/01" pass validation and are parsed as the same prefix as their unpadde...
SUSE SLES12 Security Update : strongswan (SUSE-SU-2026:1762-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1762-1 advisory. - CVE-2026-35329: NULL pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-35329: NULL pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes bsc1261705. CVE-2026-35331: acceptance of certificates violating X.509 name constrain...
GHSA-XV59-967R-8726 rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding
CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...
rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding
CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...
SUSE CVE-2026-43089
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...