CVE-2026-21895

Опубликовано: 08 янв. 2026

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 5.3

Описание

The rsa crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is 1. Version 0.9.10 fixes the issue.

Релиз	Статус	Примечание
devel	not-affected	0.9.10-1
esm-apps/noble	needs-triage
jammy	DNE
noble	needs-triage
plucky	ignored	end of life, was needs-triage
questing	needs-triage
upstream	released	0.9.10-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 5%

0.0002

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2026-21895

CVSS3: 5.5

redhat

3 месяца назад

The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.

CVE-2026-21895

CVSS3: 5.3

nvd

3 месяца назад

CVE-2026-21895

msrc

2 месяца назад

rsa crate has potential panic on a prime being equal to 1

CVE-2026-21895

CVSS3: 5.3

debian

3 месяца назад

The `rsa` crate is an RSA implementation written in rust. Prior to ver ...

GHSA-9c48-w39g-hm26

github

3 месяца назад

rsa crate has potential panic on a prime being equal to 1

EPSS

Процентиль: 5%

0.0002

Низкий

5.3 Medium

CVSS3

CVE-2026-21895

Описание

Пакет rust-rsa

Ссылки на источники

Связанные уязвимости