Search criteria
4 vulnerabilities found for RSA by RustCrypto
CVE-2026-21895 (GCVE-0-2026-21895)
Vulnerability from nvd – Published: 2026-01-08 14:06 – Updated: 2026-01-08 15:55
VLAI?
Title
rsa crate has potential panic on a prime being equal to 1
Summary
The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.
Severity ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
< 0.9.10
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21895",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T14:52:10.453165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:55:13.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:06:29.288Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26"
},
{
"name": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7"
}
],
"source": {
"advisory": "GHSA-9c48-w39g-hm26",
"discovery": "UNKNOWN"
},
"title": "rsa crate has potential panic on a prime being equal to 1"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-21895",
"datePublished": "2026-01-08T14:06:29.288Z",
"dateReserved": "2026-01-05T17:24:36.929Z",
"dateUpdated": "2026-01-08T15:55:13.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49092 (GCVE-0-2023-49092)
Vulnerability from nvd – Published: 2023-11-28 20:57 – Updated: 2024-11-27 16:03
VLAI?
Title
RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels
Summary
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer.
Severity ?
5.9 (Medium)
CWE
- CWE-385 - Covert Timing Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
<= 0.9.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:46:28.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:03:39.720474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:03:51.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.9.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-385",
"description": "CWE-385: Covert Timing Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T22:50:31.056Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"source": {
"advisory": "GHSA-c38w-74pg-36hr",
"discovery": "UNKNOWN"
},
"title": "RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49092",
"datePublished": "2023-11-28T20:57:06.739Z",
"dateReserved": "2023-11-21T18:57:30.429Z",
"dateUpdated": "2024-11-27T16:03:51.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-21895 (GCVE-0-2026-21895)
Vulnerability from cvelistv5 – Published: 2026-01-08 14:06 – Updated: 2026-01-08 15:55
VLAI?
Title
rsa crate has potential panic on a prime being equal to 1
Summary
The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.
Severity ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
< 0.9.10
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21895",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T14:52:10.453165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:55:13.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:06:29.288Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26"
},
{
"name": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7"
}
],
"source": {
"advisory": "GHSA-9c48-w39g-hm26",
"discovery": "UNKNOWN"
},
"title": "rsa crate has potential panic on a prime being equal to 1"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-21895",
"datePublished": "2026-01-08T14:06:29.288Z",
"dateReserved": "2026-01-05T17:24:36.929Z",
"dateUpdated": "2026-01-08T15:55:13.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49092 (GCVE-0-2023-49092)
Vulnerability from cvelistv5 – Published: 2023-11-28 20:57 – Updated: 2024-11-27 16:03
VLAI?
Title
RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels
Summary
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer.
Severity ?
5.9 (Medium)
CWE
- CWE-385 - Covert Timing Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
<= 0.9.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:46:28.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:03:39.720474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:03:51.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.9.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-385",
"description": "CWE-385: Covert Timing Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T22:50:31.056Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"source": {
"advisory": "GHSA-c38w-74pg-36hr",
"discovery": "UNKNOWN"
},
"title": "RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49092",
"datePublished": "2023-11-28T20:57:06.739Z",
"dateReserved": "2023-11-21T18:57:30.429Z",
"dateUpdated": "2024-11-27T16:03:51.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}