3 matches found
CVE-2023-29479
CVE-2023-29479 affects Ribose RNP prior to 0.16.3 (used by Thunderbird via OpenPGP message processing). The issue may cause the application to hang when the input is malformed, as reflected in multiple security advisories (e.g., Debian, Fedora, CentOS/Red Hat). Remediation: upgrade Ribose RNP to ...
CVE-2023-29480
CVE-2023-29480 concerns Ribose RNP before version 0.16.3, where secret keys can remain unlocked after use. Public docs confirm the flaw affects the RNP tool and is mitigated by upgrading to 0.16.3 or newer (e.g., Fedora/OpenSUSE/Debian advisories reference 0.16.3 as the fix). The nominal impact i...
CVE-2021-33589
CVE-2021-33589 affects Ribose RNP before 0.15.1, which does not implement a required step in a cryptographic algorithm, resulting in weaker encryption. Affected version is 0.15.0 and earlier; remediation is to upgrade to 0.15.1 or newer where the issue is addressed.