CVE-2023-53160

Summary

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.

Affected Software

VendorProductVersion RangeStatus
sequoia-pgpsequoia0 < 1.1.1affected
sequoia-pgpsequoia1.2.0 < 1.8.1affected
sequoia-pgpsequoia1.9.0 < 1.16.0affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References