2 matches found
CVE-2016-10931
CVE-2016-10931 pertains to the openssl crate for Rust prior to 0.9.0. The issue is a TLS/SSL MITM vulnerability caused by certificate verification being off by default and the absence of an API for hostname verification, enabling an attacker to interfere with connections. The available documents ...
CVE-2018-20997
CVE-2018-20997 affects the openssl crate for Rust prior to 0.10.9, describing a use-after-free in CMS Signing. The provided documents do not include patch versions, mitigations, or explicit exploitation details; severity is cited as high/critical in external references (e.g., CVSS), but no exploi...