Debian Rust-Pgp vulnerabilities

2 known vulnerabilities affecting debian/rust-pgp.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH2

Vulnerabilities

Page 1 of 1

CVE-2024-53856HIGHCVSS 7.5fixed in rust-pgp 0.14.2-1 (forky)2024

CVE-2024-53856 [HIGH] CVE-2024-53856: rust-pgp - rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an a... rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1. Scope: local forky: resolved (fixed in 0.14.2-1) sid: resolved (fixed in 0.14.2-1) trixie: resolved (fixed in 0.14.2-1)

CVE-2024-53857HIGHCVSS 7.5fixed in rust-pgp 0.14.2-1 (forky)2024

CVE-2024-53857 [HIGH] CVE-2024-53857: rust-pgp - rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows atta... rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys. Scope: local forky: resolved (fixed in 0.14.2-1) sid: resolved (fixed in 0.14.2-1) trixie: resolved (fixed in 0.14.2-1)