Categories ⋅ Keywords ⋅ Packages Advisories in category 'crypto-failure' September 8, 2021 RUSTSEC-2021-0100: Vulnerability in sha2 Miscomputed results when using AVX2 backend August 24, 2021 CRITICAL RUSTSEC-2021-0097: Vulnerability in openssl-src SM2 Decryption Buffer Overflow August 24, 2021 HIGH RUSTSEC-2021-0098: Vulnerability in openssl-src Read buffer overruns processing ASN.1 strings July 13, 2021 RUSTSEC-2021-0076: Vulnerability in libsecp256k1 libsecp256k1 allows overflowing signatures July 8, 2021 RUSTSEC-2021-0075: Vulnerability in ark-r1cs-std Flaw in FieldVar::mul_by_inverse allows unsound R1CS constraint systems May 1, 2021 HIGH RUSTSEC-2021-0056: Vulnerability in openssl-src CA certificate check bypass with X509_V_FLAG_X509_STRICT February 12, 2021 CRITICAL RUSTSEC-2021-0023: Vulnerability in rand_core Incorrect check on buffer length when seeding RNGs December 9, 2020 MEDIUM RUSTSEC-2020-0089: Vulnerability in nanorand nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers January 22, 2020 MEDIUM RUSTSEC-2020-0156: Vulnerability in libsecp256k1-rs Observable Discrepancy in libsecp256k1-rs October 22, 2019 HIGH RUSTSEC-2019-0029: Vulnerability in chacha20 ChaCha20 counter overflow can expose repetitions in the keystream October 14, 2019 HIGH RUSTSEC-2019-0027: Vulnerability in libsecp256k1 Flaw in Scalar::check_overflow allows side-channel timing attack October 6, 2019 RUSTSEC-2019-0030: Vulnerability in streebog Incorrect implementation of the Streebog hash functions October 3, 2019 HIGH RUSTSEC-2019-0025: Vulnerability in serde_cbor Flaw in CBOR deserializer allows stack overflow August 25, 2019 CRITICAL RUSTSEC-2019-0019: Vulnerability in blake2 HMAC-BLAKE2 algorithms compute incorrect results May 9, 2016 MEDIUM RUSTSEC-2016-0002: Vulnerability in hyper HTTPS MitM vulnerability due to lack of hostname verification