CNNVD-202507-3426 Information

CNNVD ID

CNNVD-202507-3426

Related CVE

CVE-2024-58261

• CNNVD Published: 2025-07-27

Description (Chinese)

sequoia-openpgp是sequoia-openpgp个人开发者的一个Rust库。 sequoia-openpgp 1.21.0之前版本存在安全漏洞，该漏洞源于为OpenPGP实现提供了一个低级接口，可能导致无限循环。

Description (English)

Sequoia-openpgp is a Rust bank of personal developers of sequoia-openpgp. There was a security loophole in the pre-sequoia-openpgp 1.21.0 version, which originated from providing a low-level interface for OpenPGP realization, which could lead to an infinite cycle.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-07-27

Last Modified

2026-02-24

References

https://crates.io/crates/sequoia-openpgp https://gitlab.com/sequoia-pgp/sequoia/-/issues/1106 https://rustsec.org/advisories/RUSTSEC-2024-0345.html

Patch

https://gitlab.com/sequoia-pgp/sequoia/-/tags