DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

GHSA-xphf-cx8h-7q9g

https://github.com/advisories/GHSA-xphf-cx8h-7q9g

Severity

Unknown
Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Summary

openssl X509StoreRef::objects is unsound

Description

This function returned a reference into an OpenSSL datastructure, but there was no way to ensure OpenSSL would not mutate the datastructure behind one's back.

Use of this function should be replaced with X509StoreRef::all_certificates.

References

  • https://github.com/advisories/GHSA-xphf-cx8h-7q9g
  • https://github.com/sfackler/rust-openssl/issues/2096
  • https://github.com/sfackler/rust-openssl/commit/cf9681a55cabd4cb9f1475bde17b5079f2a0384e
  • https://github.com/sfackler/rust-openssl
  • https://rustsec.org/advisories/RUSTSEC-2023-0072.html

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal