9525 matches found
UBUNTU-CVE-2026-42327
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...
UBUNTU-CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
EUVD-2026-30482
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-44662
CVE-2026-44662 affects rust-openssl bindings (Rust) from 0.10.0 up to 0.10.79. CipherCtxRef::cipher_update, CipherCtxRef::cipher_update_vec, and symm::Crypter::update mis-sized outputs when used with AES key-wrap-with-padding ciphers (EVP_aes_{128,192,256}_wrap_pad). For non-multiple-of-8 input, ...
CVE-2026-44662
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...
CVE-2026-42327
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...
EUVD-2026-30474
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...
CVE-2026-42327 rust-openssl: undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...
CVE-2026-42327
The CVE-2026-42327 vulnerability affects rust-openssl bindings for OpenSSL, where X509Ref::ocsp_responders returns OCSP responder URLs from the AIA extension. In versions 0.9.7 through before 0.10.79, the code constructs &str from IA5String bytes using an unchecked UTF-8 assumption, allowing non-...
CVE-2026-42327
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...
CVE-2026-42327 rust-openssl: undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...
Security Bulletin: Cargo in IBM Open SDK for Rust on AIX uses a vulnerable version of thin-vec (CVE-2026-6654)
Summary The cargo package manager in IBM Open SDK for Rust on AIX 1.90.0.1 and 1.92.0.1 uses the thin-vec-0.2.14 crate, which is vulnerable to a double free error. Vulnerability Details CVEID:CVE-2026-6654 DESCRIPTION: Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear...
EUVD-2026-30292
RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport crates/rmcp/src/transport/streamablehttpserver/ did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to...
RUSTSEC-2026-0142 Double-free in `vmem` storage reachable from safe Rust (predecessor of `oneringbuf`)
mutringbuf is the archived predecessor of oneringbuf — the crate was renamed and the GitHub repository was archived on 2025-11-20. All released versions up to 1.0.0 carry the same vmem-feature double-free bug that affects oneringbuf, with the same code paths and the same reproduction shape. When...
Double-free in `vmem` storage reachable from safe Rust
When the vmem feature is enabled, VmemStorage::newBox and every public constructor that funnels through it — ConcurrentHeapRB::defaultcap, ConcurrentHeapRB::fromVec, From, etc. bit-copies the input buffer into a freshly mmap'd region with ptr::copynonoverlapping, then lets the source Box drop...
Kimsuky targets organizations with PebbleDash-based tools
Over the past few months, we have conducted an in-depth analysis of specific activity clusters of Kimsuky aka APT43, Ruby Sleet, Black Banshee, Sparkling Pisces, Velvet Chollima, and Springtail, a prolific Korean-speaking threat actor. Our research revealed notable tactical shifts throughout...
rust-openssl 输入验证错误漏洞
rust-openssl is an open-source library in Rust that allows for interaction with the OpenSSL library. In versions 0.9.7 to 0.10.79 of rust-openssl, there was a vulnerability related to input validation errors. This vulnerability stemmed from X509Ref::ocspresponders returning the OCSP responder URL...