GHSA-gw89-822v-8v8g

Опубликовано: 28 июл. 2025

Источник: github

Github: Прошло ревью

CVSS3: 4.5

Описание

Duplicate Advisory: openssl X509VerifyParamRef::set_host buffer over-read

This advisory has been withdrawn because it is a duplicate of GHSA-xcf7-rvmh-g6q4. This link is maintained to preserve external references.

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.

Наименование

openssl

rust

Затронутые версииВерсия исправления

>= 0.10.0, < 0.10.55

0.10.55

4.5 Medium

CVSS3

CWE-126

4.5 Medium

CVSS3

CWE-126