CVE-2023-53159

Medium CVSS: 4.5

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.

Vendor

Product

CWE

Yayın Tarihi

2025-07-28 03:15:23

Güncelleme

2025-08-07 15:30:41

Source Identifier

cve@mitre.org

KEV Date Added

CWE-126 Openssl MEDIUM Sfackler 2025

https://crates.io/crates/openssl https://github.com/sfackler/rust-openssl/issues/1965 https://rustsec.org/advisories/RUSTSEC-2023-0044.html

Medium

CVE-2026-22795

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file.…

Medium

CVE-2026-22796

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_T…

High

CVE-2025-69419

Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16…

High

CVE-2025-69420

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE unio…

High

CVE-2025-69421

Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i…

Medium

CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs who…