CVE-2016-10931

HIGH

8.1

CVSS Severity Score

EPSS Score0.0030%

EPSS Percentile2.06th

PublishedAug 26, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification.

Affected Platforms (CPE)

📦

Rust Openssl Project

Rust Openssl

< 0.9.0

References & Advisories

🔗 https://rustsec.org/advisories/RUSTSEC-2016-0001.html

Related Vulnerabilities

CVE-2018-209979.8

An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing.

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...