Sequoia-pgp Sequoia
3 CVEs affecting Sequoia-pgp Sequoia. Latest disclosed: 2025-12-14. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-67897 | Medium | 5.3 | 2025-12-14 | In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an applica… |
CVE-2023-53160 | Low | 2.9 | 2025-07-28 | The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic. |
CVE-2024-58261 | Low | 2.9 | 2025-07-27 | The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertPa… |