Описание
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.
A flaw was found in sequoia-openpgp. The crate exhibits an out-of-bounds array access, leading to a panic during processing. A local attacker can trigger this condition by providing a specially crafted input, which results in a denial of service.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | rust-rpm-sequoia | Fix deferred | ||
| Red Hat Enterprise Linux 10 | rust-sequoia-sq | Fix deferred | ||
| Red Hat Enterprise Linux 10 | rust-sequoia-sqv | Fix deferred | ||
| Red Hat Enterprise Linux 10 | trustee-guest-components | Fix deferred | ||
| Red Hat Enterprise Linux 9 | rust-rpm-sequoia | Fix deferred | ||
| Red Hat Enterprise Linux 9 | trustee-guest-components | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | kata-containers | Fix deferred | ||
| Red Hat Trusted Profile Analyzer | rhtpa/rhtpa-trustification-service-rhel9 | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
3.3 Low
CVSS3
Связанные уязвимости
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds ...
sequoia-openpgp vulnerable to out-of-bounds array access leading to panic
3.3 Low
CVSS3