Advisories for package 'openssl-src'

February 7, 2023
RUSTSEC-2023-0006: Vulnerability in openssl-src

X.400 address type confusion in X.509 GeneralName
February 7, 2023
RUSTSEC-2023-0010: Vulnerability in openssl-src

Double free after calling PEM_read_bio_ex
February 7, 2023
RUSTSEC-2023-0007: Vulnerability in openssl-src

Timing Oracle in RSA Decryption
February 7, 2023
RUSTSEC-2023-0013: Vulnerability in openssl-src

NULL dereference during PKCS7 data verification
February 7, 2023
RUSTSEC-2023-0008: Vulnerability in openssl-src

X.509 Name Constraints Read Buffer Overflow
February 7, 2023
RUSTSEC-2023-0009: Vulnerability in openssl-src

Use-after-free following BIO_new_NDEF
February 7, 2023
RUSTSEC-2023-0011: Vulnerability in openssl-src

Invalid pointer dereference in d2i_PKCS7 functions
February 7, 2023
RUSTSEC-2023-0012: Vulnerability in openssl-src

NULL dereference validating DSA public key
November 1, 2022
RUSTSEC-2022-0065: Vulnerability in openssl-src

X.509 Email Address Variable Length Buffer Overflow
November 1, 2022
RUSTSEC-2022-0064: Vulnerability in openssl-src

X.509 Email Address 4-byte Buffer Overflow
October 11, 2022
RUSTSEC-2022-0059: Vulnerability in openssl-src

Using a Custom Cipher with NID_undef may lead to NULL encryption
July 5, 2022
RUSTSEC-2022-0032: Vulnerability in openssl-src

AES OCB fails to encrypt some bytes
July 5, 2022
RUSTSEC-2022-0033: Vulnerability in openssl-src

Heap memory corruption with RSA private key operation
May 19, 2022
MEDIUM RUSTSEC-2022-0027: Vulnerability in openssl-src

OCSP_basic_verify may incorrectly verify the response signing certificate
May 19, 2022
MEDIUM RUSTSEC-2022-0026: Vulnerability in openssl-src

Incorrect MAC key used in the RC4-MD5 ciphersuite
May 19, 2022
HIGH RUSTSEC-2022-0025: Vulnerability in openssl-src

Resource leakage when decoding certificates and keys
March 16, 2022
RUSTSEC-2022-0014: Vulnerability in openssl-src

Infinite loop in BN_mod_sqrt() reachable when parsing certificates
December 15, 2021
RUSTSEC-2021-0129: Vulnerability in openssl-src

Invalid handling of X509_verify_cert() internal errors in libssl
August 24, 2021
HIGH RUSTSEC-2021-0098: Vulnerability in openssl-src

Read buffer overruns processing ASN.1 strings
August 24, 2021
CRITICAL RUSTSEC-2021-0097: Vulnerability in openssl-src

SM2 Decryption Buffer Overflow
May 1, 2021
MEDIUM RUSTSEC-2021-0055: Vulnerability in openssl-src

NULL pointer deref in signature_algorithms processing
May 1, 2021
HIGH RUSTSEC-2021-0056: Vulnerability in openssl-src

CA certificate check bypass with X509_V_FLAG_X509_STRICT
May 1, 2021
MEDIUM RUSTSEC-2021-0058: Vulnerability in openssl-src

Null pointer deref in X509_issuer_and_serial_hash()
May 1, 2021
HIGH RUSTSEC-2021-0057: Vulnerability in openssl-src

Integer overflow in CipherUpdate
October 1, 2020
HIGH RUSTSEC-2020-0015: Vulnerability in openssl-src

Crash causing Denial of Service attack

MEDIUM RUSTSEC-2022-0027: Vulnerability in openssl-src

MEDIUM RUSTSEC-2022-0026: Vulnerability in openssl-src

HIGH RUSTSEC-2022-0025: Vulnerability in openssl-src

HIGH RUSTSEC-2021-0098: Vulnerability in openssl-src

CRITICAL RUSTSEC-2021-0097: Vulnerability in openssl-src

MEDIUM RUSTSEC-2021-0055: Vulnerability in openssl-src

HIGH RUSTSEC-2021-0056: Vulnerability in openssl-src

MEDIUM RUSTSEC-2021-0058: Vulnerability in openssl-src

HIGH RUSTSEC-2021-0057: Vulnerability in openssl-src

HIGH RUSTSEC-2020-0015: Vulnerability in openssl-src