Lucene search
+L

24 matches found

Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-45784 rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.50 until 0.10.80, CipherCtxRef::cipherupdateinplace in openssl/src/cipherctx.rs incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8...

5.1CVSS0.00181EPSS
Exploits0References4
OSV
OSV
added 4 days ago4 views

SUSE-SU-2026:3026-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270208. - CVE-2026-41677: openssl: out-of-bounds read in PEM password callback when returning an oversized length in rust-...

9.3CVSS6.6AI score0.00359EPSS
Exploits0References17
SUSE Linux
SUSE Linux
added 4 days ago3 views

Security update for sccache

This update for sccache fixes the following issues: Update to version 0.15.017. CVE-2023-26964: hyper,h2: high resource consumption due to stream stacking when H2 component processes HTTP2 RSTSTREAM frames bsc1210346. CVE-2024-32650: rust-rustls: infinite loop in...

8.7CVSS6.7AI score0.01121EPSS
Exploits2References56
SUSE Linux
SUSE Linux
added 5 days ago4 views

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.10.0.git73.b97f772. Security issues fixed: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. CVE-2026-41677: openssl: out-of-bounds read in PEM password...

8.7CVSS6.2AI score0.00559EPSS
Exploits1References36
SUSE CVE
SUSE CVE
added 2026/07/09 2:57 a.m.3 views

SUSE CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

4.8CVSS6.1AI score0.00172EPSS
Exploits0References19
OSV
OSV
added 2026/07/08 11:35 a.m.8 views

BIT-PHP-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 11:32 a.m.8 views

BIT-LIBPHP-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References3
Debian
Debian
added 2026/07/04 2:23 p.m.8 views

[SECURITY] [DLA 4669-1] php8.2 security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4669-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 04, 2026 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...

5.6CVSS6.1AI score0.00306EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/19 7:50 p.m.13 views

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

5.1CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/19 7:7 p.m.18 views

CVE-2026-44662

A flaw was found in rust-openssl. When using AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad with an input that is not a multiple of 8, the output buffers are incorrectly sized. This can lead to attacker-controllable heap corruption, allowing an attacker to write up to 7 bytes past the...

5.1CVSS5.7AI score0.00172EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.15 views

PT-2026-42029

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description The CipherCtxRef::cipher update inplace function incorrectly sizes output buffers when utilizing AES key-wrap-with-padding ciphers, specifically EVP aes 128 wrap pad, EVP aes 192 wrap pad, an...

5.1CVSS6AI score0.00181EPSS
Exploits0References126
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-44662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate,...

5.1CVSS5.9AI score0.00172EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 9:16 p.m.4 views

DEBIAN-CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.9AI score0.00172EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/14 9:16 p.m.18 views

CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 9:16 p.m.18 views

UBUNTU-CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/14 8:18 p.m.11 views

CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.9AI score0.00172EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/14 8:18 p.m.9 views

CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 8:18 p.m.13 views

EUVD-2026-30482

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:18 p.m.12 views

CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/14 8:18 p.m.1 views

CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS6.1AI score0.00172EPSS
Exploits0References3
Rows per page
Query Builder