11 matches found
GHSA-7587-4WV6-M68M rPGP vulnerable to parser crash on crafted RSA secret key packets through CVE-2026-21895
Summary It was possible to trigger an unhandled edge case in the Rust Crypto rsa crate through rPGP packet parsing functionality, and crash the process that runs rPGP. This problem has been patched in a new rsa version. The new release of rPGP ensures a patched version of the rsa crate is in use,...
EUVD-2024-3456
Malicious code in bioql PyPI...
CVE-2024-53856
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
DEBIAN-CVE-2024-53857
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys...
CVE-2024-53856
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
CVE-2024-53856
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
CVE-2024-53856 rPGP Panics on Malformed Untrusted Input
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
CVE-2024-53856 rPGP Panics on Malformed Untrusted Input
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
CVE-2024-53856 rPGP Panics on Malformed Untrusted Input
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
CVE-2024-53857 rPGP Potential Resource Exhaustion when handling Untrusted Messages
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys...
rPGP 安全漏洞
rPGP is a pure Rust implementation of OpenPGP open sourced by rPGP. A security vulnerability exists in rPGP versions prior to 0.14.1. An attacker exploiting this vulnerability could trigger an rpgp crash by supplying specially crafted data...