Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/12/17 10:2 a.m.7 views

CVE-2025-67897

A flaw was found in Sequoia. This vulnerability allows a remote attacker to crash an application via sending a victim an encrypted message with a crafted Public Key Encrypted Session Key PKESK or Symmetric Key Encrypted Session Key SKESK packet, which causes aeskeyunwrap to panic when processing ...

5.3CVSS6.1AI score0.00297EPSS
Exploits0References6
OSV
OSV
added 2025/12/14 6:30 a.m.3 views

GHSA-V6X3-9R38-R27Q Sequoia PGP has Subtraction Overflow when aes_key_unwrap function is provided ciphertext that is too short

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

5.3CVSS6.8AI score0.00297EPSS
Exploits0References6
EUVD
EUVD
added 2025/12/14 6:30 a.m.5 views

EUVD-2025-203279

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

5.3CVSS6.4AI score0.00297EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/12/14 6:30 a.m.7 views

Sequoia PGP has Subtraction Overflow when aes_key_unwrap function is provided ciphertext that is too short

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

5.3CVSS7AI score0.00297EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/12/14 5:16 a.m.4 views

CVE-2025-67897

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

5.3CVSS0.00297EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/14 4:35 a.m.20 views

CVE-2025-67897

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

5.3CVSS0.00297EPSS
Exploits0References3
CVE
CVE
added 2025/12/14 4:35 a.m.19 views

CVE-2025-67897

CVE-2025-67897 affects Sequoia OpenPGP components with a panic in aes_key_unwrap when processing a ciphertext too short (remote attacker could trigger a crash by sending crafted PKESK/SKESK packets). Fedora advisories for Fedora 42/43 indicate the issue is addressed by upgrading to sequoia-openpg...

5.3CVSS6.5AI score0.00297EPSS
Exploits0References3
OSV
OSV
added 2025/12/14 4:35 a.m.6 views

CVE-2025-67897

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

5.3CVSS6.8AI score0.00297EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-67897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an applicatio...

5.3CVSS5.9AI score0.00297EPSS
Exploits0References4
Rows per page
Query Builder