VYPR

crates.io package

rsa

pkg:cargo/rsa

Vulnerabilities (2)

  • CVE-2026-21895Jan 8, 2026
    affected < 0.9.10fixed 0.9.10

    The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.

  • CVE-2023-49092Nov 28, 2023
    affected <= 0.9.6

    RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key