Rust-openssl_project Rust-openssl
5 CVEs affecting Rust-openssl_project Rust-openssl. Latest disclosed: 2026-04-24. Critical: 5, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-41898 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk… |
CVE-2026-41681 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx)… |
CVE-2026-41678 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrap_key() contains an incorrect assertion: it check… |
CVE-2026-41676 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive (and PkeyCtxRef::derive) sets len = b… |
CVE-2026-41677 | Critical | 9.1 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the *_from_pem_callback APIs did not validate the leng… |