A vulnerability classified as critical has been found in rust-openssl up to 0.10.77. Affected by this vulnerability is the function _from_pem_callback of the component API. This manipulation causes out-of-bounds read. This vulnerability is handled as CVE-2026-41677. The attack can be initiated remotely.
| Vendor | Product | Versions |
|---|---|---|
| rust-openssl_project | rust-openssl | rust/openssl: >= 0.9.0, < 0.10.78 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| oracle | oracle linux | cert_advisory | 90% |
Updated severity to CRITICAL, marked as actively exploited, and provided a more detailed description of the vulnerability.
Initial creation