pkg:crates.io/openssl

所有已知漏洞

• CRITICAL9.8CVE-2026-41676rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
  >= 0.9.27, < 0.10.78
• CRITICAL9.8CVE-2026-41678rust-openssl has incorrect bounds assertion in aes key wrap
  >= 0.10.24, < 0.10.78
• CRITICAL9.8CVE-2026-41681rust-openssl: rustMdCtxRef::digest_final() writes past caller buffer with no length check
  >= 0.10.39, < 0.10.78
• CRITICAL9.8CVE-2026-41898rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
  >= 0.9.24, < 0.10.78
• CRITICAL9.8CVE-2018-20997Use after free in CMS Signing
  >= 0.10.8, < 0.10.9
• CRITICAL9.8CVE-2018-20997Use after free in CMS Signing
  >= 0.10.8, < 0.10.9
• CRITICAL9.1CVE-2026-41677rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length
  >= 0.9.0, < 0.10.78
• HIGH8.1CVE-2016-10931SSL/TLS MitM vulnerability due to insecure defaults
  >= 0.0.0-0, < 0.9.0
• HIGH8.1CVE-2016-10931SSL/TLS MitM vulnerability due to insecure defaults
  from 0, < 0.9.0
• MEDIUM4.5CVE-2023-53159`openssl` `X509VerifyParamRef::set_host` buffer over-read
  >= 0.10.0, < 0.10.55
• MEDIUM4.5CVE-2023-53159`openssl` `X509VerifyParamRef::set_host` buffer over-read
  >= 0.0.0-0, < 0.10.55
• —CVE-2026-45784rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers
  >= 0.10.50, < 0.10.80
• —CVE-2026-44662rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding
  >= 0.10.0, < 0.10.79
• —CVE-2026-42327rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs
  >= 0.9.7, < 0.10.79
• —CVE-2025-24898rust-openssl - security update
  >= 0.10.0, < 0.10.70
• —CVE-2025-24898rust-openssl - security update
  >= 0.0.0-0, < 0.10.70