CVE-2023-29480

Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use...

CVE-2021-33589

Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm...

Fedora 41 : rnp (2025-bc8b81c28d)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-bc8b81c28d advisory. Version 0.18.1 Security Fixed critical issue where PKESK public-key encrypted session keys were generated as all-zero, allowing trivial decryption of message...

Fedora: Security Advisory (FEDORA-2025-7bef956026)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-a96ccc98ca)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-bc8b81c28d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: rnp-0.18.1-1.fc41

RNP is a set of OpenPGP RFC4880 tools...

OPENSUSE-SU-2025:20116-1 Security update for rnp

This update for rnp fixes the following issues: - update to 0.18.1: CVE-2025-13470: PKESK public-key encrypted session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only boo1253957, CVE-2025-13402...

CVE-2025-13470

A flaw was found in RNP. This vulnerability allows for the trivial decryption of data encrypted using public-key encryption, fully compromising confidentiality, via an uninitialized symmetric session key in Public-Key Encrypted Session Key PKESK packets, which results in an all-zero byte array...

Linux Distros Unpatched Vulnerability : CVE-2025-13470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized...

CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

CVE-2025-13470 RNP 0.18.0 Vulnerable PKESK session keys

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

CVE-2025-13470

CVE-2025-13470 affects RNP prior to 0.18.1, where a refactoring regression left the symmetric session key for PKESK packets uninitialized beyond zeroing. The result is an all-zero session key for PKESK, allowing data encrypted with public-key encryption to be decrypted trivially, compromising con...

RNP 安全漏洞

RNP is a C++ library open-sourced by RNP. A security vulnerability exists in RNP version 0.18.0 that stems from an uninitialized symmetric session key used in PKESK packets, which could lead to a complete breach of confidentiality...

Linux Distros Unpatched Vulnerability : CVE-2025-13402

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RNP PKESK Session Keys Generated as AllZero epel-8 CVE-2025-13402 Note that Nessus relies on the presence of the package as reported by the vendor. C Tenable,...

EUVD-2021-20274

Malware in sbrugna...

EUVD-2023-33048

Malicious code in bioql PyPI...

EUVD-2023-33047

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-29480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use. CVE-2023-29480 Note that Nessus relies on the presence of the package as reported...

Linux Distros Unpatched Vulnerability : CVE-2021-33589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm...