← Back

CVE-2023-53159

nvd nist
Published: Jul 28, 2025Modified: Aug 7, 2025

JSON object

Loading...
9.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Exploitability: 3.9 / Impact: 5.2
Source: NVD

Description

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.

Affected (1)

Products: Sfackler: Openssl
Sfackler
1 product
Openssl
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Openssl
Before 0.10.55

Related CWEs

CWE-126
Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (3)

Source: cve@mitre.org
Product
Source: cve@mitre.org
ExploitPatch
Source: cve@mitre.org
Third Party Advisory

Timeline

No history available yet.