CNNVD-202601-2562 Information

CNNVD ID

CNNVD-202601-2562

Related CVE

CVE-2026-23519

• CNNVD Published: 2026-01-15

Description (Chinese)

RustCrypto是RustCrypto开源的一个带关联数据算法的身份验证加密。 RustCrypto 0.4.4之前版本存在安全漏洞，该漏洞源于编译器生成非恒定时间汇编代码。

Description (English)

RustCrypto is an authentication encryption of a linked data algorithm from RustCrypto open source. There was a security loophole in the previous version of RustCrypto 0.4.4, which originated from the compiler ’ s generation of a non-consistent time-compilation code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

RustCrypto

Published

2026-01-15

Last Modified

2026-02-24

References

https://github.com/RustCrypto/utils/commit/55977257e7c82a309d5e8abfdd380a774f0f9778 https://github.com/RustCrypto/utils/security/advisories/GHSA-2gqc-6j2q-83qp

Patch

https://github.com/RustCrypto/utils/tags