Advisories for package 'openssl'

July 21, 2024
RUSTSEC-2024-0357: Vulnerability in openssl

MemBio::get_buf has undefined behavior with empty buffers
November 28, 2023
INFO RUSTSEC-2023-0072: Unsoundness in openssl

openssl X509StoreRef::objects is unsound
June 20, 2023
RUSTSEC-2023-0044: Vulnerability in openssl

openssl X509VerifyParamRef::set_host buffer over-read
March 23, 2023
RUSTSEC-2023-0022: Vulnerability in openssl

openssl X509NameBuilder::build returned object is not thread safe
March 23, 2023
RUSTSEC-2023-0024: Vulnerability in openssl

openssl X509Extension::new and X509Extension::new_nid null pointer dereference
March 23, 2023
RUSTSEC-2023-0023: Vulnerability in openssl

openssl SubjectAlternativeName and ExtendedKeyUsage::other allow arbitrary file read
October 1, 2020
CRITICAL RUSTSEC-2018-0010: Vulnerability in openssl

Use after free in CMS Signing
October 1, 2020
HIGH RUSTSEC-2016-0001: Vulnerability in openssl

SSL/TLS MitM vulnerability due to insecure defaults