[SECURITY] Fedora 43 Update: rust-sequoia-openpgp-2.3.0-1.fc43

OpenPGP data types and associated machinery...

[SECURITY] Fedora 42 Update: rust-sequoia-sop-0.37.3-3.fc42

An implementation of the Stateless OpenPGP Interface using Sequoia...

[SECURITY] Fedora 42 Update: rust-sequoia-openpgp-2.3.0-1.fc42

OpenPGP data types and associated machinery...

Fedora 43 : rust-rpm-sequoia / rust-sequoia-chameleon-gnupg / rust-sequoia-git / etc (2026-38d57d2e7a)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-38d57d2e7a advisory. Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-...

Fedora 42 : rust-rpm-sequoia / rust-sequoia-chameleon-gnupg / rust-sequoia-git / etc (2026-8df732be8a)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-8df732be8a advisory. Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-...

Linux Distros Unpatched Vulnerability : CVE-2026-42784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - rust-sequoia-openpgp - None Ubuntu Linux - openpgp: Don't imply missing key flags from key type CVE-2026-42784 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2026-42783

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - rust-sequoia-openpgp - None Ubuntu Linux - openpgp: Don't imply missing key flags from key type CVE-2026-42783 Note that Nessus relies on the...

Fedora 44 : rust-podman-sequoia / rust-rpm-sequoia / etc (2026-5619c60e85)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5619c60e85 advisory. Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-...

CentOS 9 : rust-rpm-sequoia-1.10.2.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rust- rpm-sequoia-1.10.2.1-1.el9 build changelog. - Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and...

Fedora 45 : rust-podman-sequoia / rust-rpm-sequoia / etc (2026-5272623baf)

The remote Fedora 45 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5272623baf advisory. Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-...

Fedora: Security Advisory (FEDORA-2026-304a740a0b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

card-backend-scdc (>=0.4.0 <=0.5.0), cfs_openpgp (=0.1.0) +39 more potentially affected by CVE-2025-67897 via sequoia-openpgp (>=0.11.0 <=1.22.0)

sequoia-openpgp CARGO version =0.11.0, =0.4.0, =0.0.1, =0.5.0, =0.3.0, =0.12.0, =0.1.0, =0.10.1, =0.10.1, =0.0.1, =0.0.1, =0.2.2 and more Source cves: CVE-2025-67897 Source advisory: OSV:GHSA-V6X3-9R38-R27Q...

card-backend-scdc (>=0.4.0 <=0.5.0), cfs_openpgp (=0.1.0) +39 more potentially affected by CVE-2025-67897 via sequoia-openpgp (>=0.11.0 <=1.22.0)

sequoia-openpgp CARGO version =0.11.0, =0.4.0, =0.0.1, =0.5.0, =0.3.0, =0.12.0, =0.1.0, =0.10.1, =0.10.1, =0.0.1, =0.0.1, =0.2.2 and more Source cves: CVE-2025-67897 Source advisory: OSV:RUSTSEC-2025-0136...

EUVD-2025-29484

Malicious code in bioql PyPI...

EUVD-2024-54821

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-53160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic. CVE-2023-53160 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2024-58261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of Reading a cert: Invalid operation: Not a Key packet messages for RawCertParse...

SUSE CVE-2023-53160

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...

SUSE CVE-2024-58261

The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertParser operations that encounter an unsupported primary key type...

CVE-2024-58261

A flaw was found in sequoia-openpgp. Processing RawCertParser operations with unsupported primary key types triggers an infinite loop of error messages. This flaw allows a local attacker to provide a specially crafted certificate file, resulting in a denial of service due to resource exhaustion...