CVE-2026-21895

Summary

The rsa crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is 1. Version 0.9.10 fixes the issue.

Affected Software

VendorProductVersion RangeStatus
RustCryptoRSA< 0.9.10affected

Weaknesses

  • CWE-703: CWE-703: Improper Check or Handling of Exceptional Conditions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References