An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://rustsec.org/advisories/RUSTSEC-2016-0001.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-26T12:00:16
Updated: 2024-08-06T03:38:56.676Z
Reserved: 2019-08-25T00:00:00
Link: CVE-2016-10931
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-08-26T12:15:11.327
Modified: 2024-11-21T02:45:06.207
Link: CVE-2016-10931
Redhat
No data.