CVE-2025-67897 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an applicat…
Medium CVSS: 5.3

CVE-2025-67897

In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.
Vendor
-
Product
-
CWE
CWE-195
Yayın Tarihi
2025-12-14 05:16:06
Güncelleme
2025-12-15 18:22:13
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-195 MEDIUM 2025

Referanslar

https://bugs.debian.org/1122582 https://gitlab.com/sequoia-pgp/sequoia/-/blob/b59886e5e7bdf7169ed330f309a6633d131776e5/openpgp/NEWS#L7-L26 https://gitlab.com/sequoia-pgp/sequoia/-/commit/b59886e5e7bdf7169ed330f309a6633d131776e5