New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

`rsa` crate is vulnerable to timing attack (RUSTSEC-2023-0071) #140

Open

ramosbugs opened this issue Nov 28, 2023 · 0 comments

Assignees

Owner

ramosbugs commented Nov 28, 2023

See https://rustsec.org/advisories/RUSTSEC-2023-0071.html and RustCrypto/RSA#19.

Once a fix is available, this crate should update the minimum required version of rsa in Cargo.toml.

The text was updated successfully, but these errors were encountered:

ramosbugs self-assigned this

ramosbugs added a commit that referenced this issue


          Temporarily ignore RUSTSEC-2023-0071 until fix is available (#140)

da53da9

ramosbugs added a commit that referenced this issue


          Temporarily ignore RUSTSEC-2023-0071 until fix is available (#140)

d796cca

eikek mentioned this issue

Login command using device auth flow SwissDataScienceCenter/renku-cli#14

Merged

helio-frota mentioned this issue

cargo audit warnings trustification/trustify#795

Closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment