CVE-2023-53160 — Out-of-bounds Read in Sequoia

Severity

5.3MEDIUMNVD

EPSS

0.1%

top 80.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 28

Description

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

▶debiandebian/rust-sequoia-openpgp< rust-sequoia-openpgp 1.16.0-1 (forky)

▶crates.iosequoia-pgp/sequoia-openpgp1.2.0 — 1.8.1+3

▶CVEListV5sequoia-pgp/sequoia1.2.0 — 1.8.1+2

OSV

CVE-2023-53160: The sequoia-openpgp crate before 1↗2025-07-28

▶

OSV

sequoia-openpgp vulnerable to out-of-bounds array access leading to panic↗2023-06-06

▶

GHSA

sequoia-openpgp vulnerable to out-of-bounds array access leading to panic↗2023-06-06

▶

OSV

Out-of-bounds array access leads to panic↗2023-05-16

▶

Red Hat

sequoia-openpgp: Sequoia OpenPGP Array Access Panic↗2025-07-28

▶

Debian

CVE-2023-53160: rust-sequoia-openpgp - The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array acce...↗2023

▶