openidconnect-rs `rsa` crate is vulnerable to timing attack (RUSTSEC-2023-0071)

`rsa` crate is vulnerable to timing attack (RUSTSEC-2023-0071)

Open ramosbugs opened this issue 2 years ago • 0 comments

See https://rustsec.org/advisories/RUSTSEC-2023-0071.html and RustCrypto/RSA#19.

Once a fix is available, this crate should update the minimum required version of rsa in Cargo.toml.

Nov 28 '23 22:11 ramosbugs