Which versions of rust-openssl are affected by CVE-2026-42327?

A memory safety vulnerability in rust-openssl's X509Ref::ocsp_responders function allows attackers to trigger undefined behavior by submitting crafted X.509 certificates with malformed OCSP responder…. A patch is available.

rust-openssl CVE-2026-42327

Q: What is the CVSS score of CVE-2026-42327?

CVE-2026-42327 has a CVSS 4.0 base score of 8.7 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-30474 HIGH

Improper Input Validation (CWE-20)

2026-05-05 https://github.com/rust-openssl/rust-openssl

GHSA-xp3w-r5p5-63rr

Information Disclosure OpenSSL Red Hat

8.7

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Updated

May 14, 2026 - 21:28 vuln.today

v2 (cvss_changed)

Re-analysis Queued

May 14, 2026 - 21:22 vuln.today

cvss_changed

CVSS changed

May 14, 2026 - 21:22 NVD

8.7 (HIGH)

Source Code Evidence Fetched

May 05, 2026 - 22:30 vuln.today

Analysis Generated

May 05, 2026 - 22:30 vuln.today

DescriptionNVD

X509Ref::ocsp_responders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref<Target = str> wraps the raw bytes with str::from_utf8_unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation causes safe Rust code to construct a &str that violates the UTF-8 invariant - resulting in undefined behavior.

AnalysisAI

Undefined behavior in rust-openssl's X509Ref::ocsp_responders allows crafted X.509 certificates with non-UTF-8 OCSP responder URLs to violate Rust's memory safety guarantees. Applications parsing untrusted certificates (TLS handshakes, certificate validation pipelines, PKI tooling) can trigger undefined behavior through safe Rust code when processing malformed AIA extensions. …

RemediationAI

Within 24 hours: Identify all internal applications and dependencies using rust-openssl versions prior to 0.10.79 via package manifests and vulnerability scanning tools. Within 7 days: Upgrade rust-openssl to version 0.10.79 or later and rebuild all affected application binaries; coordinate testing in staging environments to confirm TLS functionality post-update. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-9277 HIGH This Week

8.1 May 22

Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

CVE-2026-42327 vulnerability details – vuln.today

Back

rust-openssl CVE-2026-42327

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

rust-openssl CVE-2026-42327

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code