Debian Rust-Openssl vulnerabilities

5 known vulnerabilities affecting debian/rust-openssl.

Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: MEDIUM 2, LOW 3

Vulnerabilities

CVE-2025-24898 | MEDIUM | CVSS 6.3 | fixed in rust-openssl 0.10.29-1+deb11u1 (bullseye) | 2025
CVE-2025-24898 [MEDIUM]: rust-openssl - rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions `ssl::select_next_proto` can return a slice pointing into the `server` argument's buffer but with a lifetime bound to the `client` argument. In situations where the `server` buffer's lifetime is shorter than the `client` buffer's, this can cause a use after free.
debian
CVE-2025-3416 | LOW | CVSS 3.7 | fixed in rust-openssl 0.10.72-1 (forky) | 2025
CVE-2025-3416 [LOW]: rust-openssl - A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string. Scope: local. bookworm: open; bullseye: open; forky: resolved (fixed in 0.10.72-1); sid: resolve
debian
CVE-2023-53159 | MEDIUM | CVSS 4.5 | fixed in rust-openssl 0.10.57-1 (forky) | 2023
CVE-2023-53159 [MEDIUM]: rust-openssl - The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host. Scope: local. bookworm: open; bullseye: open; forky: resolved (fixed in 0.10.57-1); sid: resolved (fixed in 0.10.57-1); trixie: resolved (fixed in 0.10.57-1)
debian
CVE-2018-20997 | LOW | CVSS 9.8 | 2018
CVE-2018-20997 [CRITICAL]: rust-openssl - An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2016-10931 | LOW | CVSS 8.1 | 2016
CVE-2016-10931 [HIGH]: rust-openssl - An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian