CVE-2023-53159 — The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an em... | CVE Daily

Medium CVSS 4.5

Overview

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.

CWE: CWE-126 Published: 2025-07-28T03:15:23.193

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.5 (MEDIUM)
Detected tags: oob_read (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Recommended tools

Tags

Out-of-Bounds Read