Security: rust-openssl/rust-openssl
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphersGHSA-phqj-4mhp-q6mq published
May 16, 2026 by alexModerate -
undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLsGHSA-xp3w-r5p5-63rr published
May 4, 2026 by alexHigh -
Heap buffer overflow when encrypting with AES key-wrap-with-paddingGHSA-xv59-967r-8726 published
May 4, 2026 by alexModerate -
Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peerGHSA-hppc-g8h3-xhp3 published
Apr 19, 2026 by alexModerate -
MdCtxRef::digest_final() writes past caller buffer with no length checkGHSA-ghm9-cr32-g9qj published
Apr 19, 2026 by alexModerate -
Incorrect bounds assertion in aes key wrapGHSA-8c75-8mhr-p7r9 published
Apr 19, 2026 by alexModerate -
Out-of-bounds read in PEM password callback when user callback returns an oversized lengthGHSA-xmgf-hq76-4vx2 published
Apr 19, 2026 by alexLow -
Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1GHSA-pqf5-4pqq-29f5 published
Apr 19, 2026 by alexModerate -
ssl::select_next_proto use after freeGHSA-rpmj-rpgj-qmpm published
Feb 2, 2025 by sfacklerModerate
Learn more about advisories related to rust-openssl/rust-openssl in the GitHub Advisory Database