Categories ⋅ Keywords ⋅ Packages Advisories in category 'crypto-failure' May 9, 2022 MEDIUM RUSTSEC-2022-0018: Vulnerability in totp-rs Timing attack May 3, 2022 HIGH RUSTSEC-2022-0025: Vulnerability in openssl-src Resource leakage when decoding certificates and keys May 3, 2022 MEDIUM RUSTSEC-2022-0026: Vulnerability in openssl-src Incorrect MAC key used in the RC4-MD5 ciphersuite May 3, 2022 MEDIUM RUSTSEC-2022-0027: Vulnerability in openssl-src OCSP_basic_verify may incorrectly verify the response signing certificate February 28, 2022 RUSTSEC-2022-0011: Vulnerability in rust-crypto Miscomputation when performing AES encryption in rust-crypto February 7, 2022 RUSTSEC-2022-0009: Vulnerability in libp2p-core Failure to verify the public key of a SignedEnvelope against the PeerId in a PeerRecord September 8, 2021 RUSTSEC-2021-0100: Vulnerability in sha2 Miscomputed results when using AVX2 backend August 24, 2021 CRITICAL RUSTSEC-2021-0097: Vulnerability in openssl-src SM2 Decryption Buffer Overflow August 24, 2021 HIGH RUSTSEC-2021-0098: Vulnerability in openssl-src Read buffer overruns processing ASN.1 strings July 13, 2021 RUSTSEC-2021-0076: Vulnerability in libsecp256k1 libsecp256k1 allows overflowing signatures July 8, 2021 RUSTSEC-2021-0075: Vulnerability in ark-r1cs-std Flaw in FieldVar::mul_by_inverse allows unsound R1CS constraint systems May 1, 2021 HIGH RUSTSEC-2021-0056: Vulnerability in openssl-src CA certificate check bypass with X509_V_FLAG_X509_STRICT February 12, 2021 CRITICAL RUSTSEC-2021-0023: Vulnerability in rand_core Incorrect check on buffer length when seeding RNGs December 9, 2020 MEDIUM RUSTSEC-2020-0089: Vulnerability in nanorand nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers January 22, 2020 MEDIUM RUSTSEC-2020-0156: Vulnerability in libsecp256k1-rs Observable Discrepancy in libsecp256k1-rs January 21, 2020 RUSTSEC-2020-0160: Vulnerability in shamir Threshold value is ignored (all shares are n=3) October 22, 2019 HIGH RUSTSEC-2019-0029: Vulnerability in chacha20 ChaCha20 counter overflow can expose repetitions in the keystream October 14, 2019 HIGH RUSTSEC-2019-0027: Vulnerability in libsecp256k1 Flaw in Scalar::check_overflow allows side-channel timing attack October 6, 2019 RUSTSEC-2019-0030: Vulnerability in streebog Incorrect implementation of the Streebog hash functions October 3, 2019 HIGH RUSTSEC-2019-0025: Vulnerability in serde_cbor Flaw in CBOR deserializer allows stack overflow August 25, 2019 CRITICAL RUSTSEC-2019-0019: Vulnerability in blake2 HMAC-BLAKE2 algorithms compute incorrect results May 9, 2016 MEDIUM RUSTSEC-2016-0002: Vulnerability in hyper HTTPS MitM vulnerability due to lack of hostname verification