9 matches found
CVE-2025-67897
A flaw was found in Sequoia. This vulnerability allows a remote attacker to crash an application via sending a victim an encrypted message with a crafted Public Key Encrypted Session Key PKESK or Symmetric Key Encrypted Session Key SKESK packet, which causes aeskeyunwrap to panic when processing ...
GHSA-V6X3-9R38-R27Q Sequoia PGP has Subtraction Overflow when aes_key_unwrap function is provided ciphertext that is too short
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
EUVD-2025-203279
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
Sequoia PGP has Subtraction Overflow when aes_key_unwrap function is provided ciphertext that is too short
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
CVE-2025-67897
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
CVE-2025-67897
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
CVE-2025-67897
CVE-2025-67897 affects Sequoia OpenPGP components with a panic in aes_key_unwrap when processing a ciphertext too short (remote attacker could trigger a crash by sending crafted PKESK/SKESK packets). Fedora advisories for Fedora 42/43 indicate the issue is addressed by upgrading to sequoia-openpg...
CVE-2025-67897
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
Linux Distros Unpatched Vulnerability : CVE-2025-67897
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an applicatio...