Skip to content
CVSS 9.1 · CRITICAL

CVE-2026-41677

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the *_from_pem_callback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this. This vulnerability is fixed in 0.10.78.

Ver en NVD

Análisis

The rust-openssl crate (versions 0.9.0 to 0.10.77) contains a vulnerability in its PEM-loading APIs that can cause out-of-bounds memory reads when used with OpenSSL versions prior to 3.0. Developers using Rust for network services or security tools should update to version 0.10.78 to ensure callback return lengths are properly validated.

Severidad

Puntaje: 9.1(CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: HIGH
I: NONE
A: HIGH
Tipo de falla (CWE): CWE-125CWE-1284

EPSS

Probabilidad de explotación (próx. 30 días): 0.0014 (0.1%)
Percentil: 34.4%
EPSS: 2026-05-06

Afecta

rust-openssl_project:rust-openssl

Descripción técnica

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the *_from_pem_callback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this. This vulnerability is fixed in 0.10.78.

Publicada: 24/4/2026, 18:16:29
Última modificación: 28/4/2026, 17:34:03

Referencias

InicioEventosBlogRecursosEquipo