Context
cargo audit reports RUSTSEC-2023-0071 (Marvin Attack: potential key recovery through timing sidechannels) against the rsa 0.9.10 transitive dependency.
The advisory is currently accepted in .cargo/audit.toml because:
- The vulnerable codepath is PKCS#1 v1.5 decryption. This project does not perform RSA decryption. rsa enters the dependency tree only via openidconnect 4.x, which uses it for JWT signature verification — not affected by the Marvin Attack.
- No fixed rsa version exists upstream (as of 2026-04-09).
Current dependency path
rsa 0.9.10
└── openidconnect 4.0.1
    └── keylime-webtool-backend 0.1.0
Action required when a fix is available
When a patched rsa crate is published:
- Update openidconnect (or its transitive chain) to pull in the fixed rsa version
- Remove RUSTSEC-2023-0071 from .cargo/audit.toml
- Verify cargo audit passes clean without the ignore
How to monitor
- Watch RUSTSEC-2023-0071 for a patched_versions update
- Watch RustCrypto/RSA for a constant-time implementation release
- Periodically run cargo audit --ignore RUSTSEC-2023-0071 to check for any new advisories
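An added check (not part of this issue or the project's code) that automates the "watch for a patched_versions update" step: it reads a cargo audit --json report and fails when the accepted advisory gains patched versions or when any advisory outside the accepted set appears. The report field layout, the ACCEPTED set and the placeholder version in the comments are assumptions; the report has to be generated with the ignore not applied, otherwise the accepted advisory is suppressed and the "fix available" branch can never fire.

```python
import json
import sys
from typing import Dict, List

# Advisories this project has consciously accepted in .cargo/audit.toml.
ACCEPTED = {"RUSTSEC-2023-0071"}


def check_report(report: Dict) -> List[str]:
    """Return the problems found in a cargo-audit JSON report.

    Assumed shape (cargo audit --json): report["vulnerabilities"]["list"] is a
    list of {"advisory": {"id": ...}, "package": {"name": ..., "version": ...},
    "versions": {"patched": [...], "unaffected": [...]}}.  Produce the report
    with the ignore NOT applied, or the accepted advisory is never listed.
    """
    problems: List[str] = []
    for vuln in report.get("vulnerabilities", {}).get("list", []):
        adv_id = vuln["advisory"]["id"]
        pkg = vuln.get("package", {})
        where = f"{pkg.get('name', '?')} {pkg.get('version', '?')}"
        patched = vuln.get("versions", {}).get("patched", [])
        if adv_id not in ACCEPTED:
            # Anything outside the accepted set is a new finding: fail loudly.
            problems.append(f"new advisory {adv_id} on {where}")
        elif patched:
            # The ignore was justified by "no fixed version exists upstream";
            # once patched versions appear, that justification is gone.
            problems.append(
                f"{adv_id} on {where}: fix available ({', '.join(patched)}), "
                "update the dependency chain and drop the ignore from "
                ".cargo/audit.toml"
            )
    return problems


if __name__ == "__main__":
    # Usage: cargo audit --json | python check_audit.py
    found = check_report(json.load(sys.stdin))
    for line in found:
        print(line)
    sys.exit(1 if found else 0)
```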