- Description
- rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys.
- Source
- security-advisories@github.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-770
- Hype score
- Not currently trending
CVE-2024-53857 Resource Exhaustion Vulnerability in rPGP Rust Implementation Pre-0.14.1 rPGP is a version of OpenPGP written in Rust. Before version 0.14.1, rPGP has a vulnerability. Attackers can cause resource ... https://t.co/z9p0QjLXeV
@VulmonFeeds
6 Dec 2024
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53857 rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted mess… https://t.co/iB0abmD7ec
@CVEnew
5 Dec 2024
230 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes