{"id":"CVE-2023-53159","details":"The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.","aliases":["GHSA-xcf7-rvmh-g6q4","RUSTSEC-2023-0044"],"modified":"2026-05-18T05:56:52.154012204Z","published":"2025-07-28T00:00:00Z","related":["CGA-c8rg-7pvv-2wq2"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53159.json","cna_assigner":"mitre","cwe_ids":["CWE-126"]},"references":[{"type":"WEB","url":"https://crates.io/crates/openssl"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53159.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53159"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2023-0044.html"},{"type":"REPORT","url":"https://github.com/sfackler/rust-openssl/issues/1965"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rust-openssl/rust-openssl","events":[{"introduced":"0"},{"fixed":"d7dae6fb45aca39ae9793be6365d92e870e0b8ee"}]}],"versions":["openssl-v0.10.54","openssl-v0.10.53","openssl-sys-v0.9.88","openssl-v0.10.52","openssl-sys-v0.9.87","openssl-v0.10.51","openssl-sys-v0.9.86","openssl-v0.10.50","openssl-sys-v0.9.85","openssl-v0.10.49","openssl-sys-v0.9.84","openssl-macros-v0.1.1","openssl-v0.10.48","openssl-sys-v0.9.83","openssl-v0.10.47","openssl-sys-v0.9.82","openssl-v0.10.46","openssl-sys-v0.9.81","openssl-v0.10.45","openssl-sys-v0.9.80","openssl-v0.10.44","openssl-sys-v0.9.79","openssl-v0.10.43","openssl-sys-v0.9.78","openssl-sys-v0.9.77","openssl-v0.10.42","openssl-sys-v0.9.76","openssl-v0.10.41","openssl-sys-v0.9.75","openssl-sys-v0.9.74","openssl-v0.10.40","openssl-v0.10.39","openssl-macros-v0.1.0","openssl-sys-v0.9.73","openssl-sys-v0.9.72","openssl-sys-v0.9.71","openssl-sys-v0.9.65","openssl-sys-v0.9.70","openssl-v0.10.38","openssl-sys-v0.9.69","openssl-v0.10.37","openssl-sys-v0.9.68","openssl-sys-v0.9.67","openssl-v0.10.36","openssl-sys-v0.9.66","openssl-errors-v0.2.0","openssl-v0.10.35","openssl-sys-v0.9.64","openssl-sys-v0.9.63","openssl-v0.10.34","openssl-sys-v0.9.62","openssl-v0.10.33","openssl-sys-v0.9.61","openssl-v0.10.32","openssl-sys-v0.9.60","openssl-v0.10.31","openssl-sys-v0.9.59","openssl-v0.10.30","openssl-sys-v0.9.58","openssl-sys-v0.9.57","openssl-sys-v0.9.56","openssl-v0.10.29","openssl-sys-v0.9.55","openssl-v0.10.28","openssl-v0.9.27","openssl-v0.10.27","openssl-sys-v0.9.54","openssl-v0.10.26","openssl-sys-v0.9.53","openssl-sys-v0.9.52","openssl-sys-v0.9.51","openssl-v0.10.25","openssl-sys-v0.9.50","openssl-sys-v0.9.49","openssl-v0.10.24","openssl-sys-v0.9.48","openssl-v0.10.23","openssl-sys-v0.9.47","openssl-v0.10.22","openssl-sys-v0.9.46","openssl-sys-v0.9.45","openssl-v0.10.21","openssl-sys-v0.9.44","openssl-v0.10.20","openssl-sys-v0.9.43","openssl-errors-v0.1.0","openssl-v0.10.19","openssl-sys-v0.9.42","openssl-v0.10.18","openssl-v0.10.17","openssl-sys-v0.9.41","openssl-v0.10.16","openssl-sys-v0.9.40","openssl-v0.10.15","openssl-v0.10.14","openssl-sys-v0.9.39","openssl-sys-v0.9.38","openssl-v0.10.13","openssl-sys-v0.9.37","openssl-v0.10.12","openssl-sys-v0.9.36","openssl-v0.10.11","openssl-sys-v0.9.35","openssl-v0.10.10","openssl-sys-v0.9.33","openssl-v0.10.9","openssl-sys-v0.9.32","openssl-v0.10.8","openssl-sys-v0.9.31","openssl-v0.10.7","openssl-sys-v0.9.30","openssl-v0.10.6","openssl-sys-v0.9.28","openssl-v0.10.5","openssl-sys-v0.9.27","openssl-v0.10.4","openssl-sys-v0.9.26","openssl-v0.10.3","openssl-sys-v0.9.25","v0.9.23","openssl-v0.10.2","openssl-v0.10.1","openssl-v0.10.0","openssl-sys-v0.9.24","v0.9.22","v0.9.21","v0.9.20","v0.9.19","v0.9.18","v0.9.17","v0.9.16","v0.9.15","v0.9.14","v0.9.13","v0.9.12","v0.9.11","v0.9.10","v0.9.9","v0.9.8","v0.9.7","v0.9.6","v0.9.5","v0.9.4","v0.9.3","v0.9.2","v0.9.1","v0.6.2","v0.6.1","v0.6.0","v0.5.5","v0.5.4","v0.5.3","v0.5.2","v0.5.0","v0.4.3","v0.4.2","v0.4.1","v0.4.0","v0.3.6","v0.3.5","v0.3.4","v0.3.3","v0.3.2","v0.3.1","v0.3.0","v0.2.16","v0.2.18","v0.2.17","v0.2.15","v0.2.14","v0.2.13","v0.2.12","v0.2.11","v0.2.10","v0.2.9","v0.2.8","v0.2.7","v0.2.6","v0.2.5","v0.2.4","v0.2.3","v0.2.2","v0.2.1","v0.2.0","v0.1.1","v0.1.0","v0.0.2","rust-0.12","rust-0.11","rust-0.10","v0.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53159.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L"}]}