3 matches found
CVE-2026-41677
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the frompemcallback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of...
rust-openssl 缓冲区错误漏洞
rust-openssl is an open-source library in the rust ecosystem that allows for interaction with the OpenSSL library. In versions 0.9.0 to 0.10.78 of rust-openssl, there was a buffer error vulnerability. This vulnerability stemmed from the frompemcallback API not verifying the length returned by use...
PT-2026-34620
Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.9.0 through 0.10.77 Description The from pem callback APIs do not validate the length returned by the user's callback. A password callback returning a value larger than the provided buffer can cause certain versions of...