Low severityNVD Advisory· Published Jul 28, 2025· Updated Jul 28, 2025
CVE-2023-53160
CVE-2023-53160
Description
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
sequoia-openpgpcrates.io | < 1.1.1 | 1.1.1 |
sequoia-openpgpcrates.io | >= 1.2.0, < 1.8.1 | 1.8.1 |
sequoia-openpgpcrates.io | >= 1.9.0, < 1.16.0 | 1.16.0 |
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- github.com/advisories/GHSA-25mx-8f3v-8wh7ghsaADVISORY
- github.com/advisories/GHSA-29mf-62xx-28jqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-53160ghsaADVISORY
- gitlab.com/sequoia-pgp/sequoia/-/blob/main/openpgp/NEWSghsaWEB
- lists.sequoia-pgp.org/hyperkitty/list/announce@lists.sequoia-pgp.org/thread/SN2E3QRT4DMQ5JNEK6VIN6DJ5SH766DIghsaWEB
- rustsec.org/advisories/RUSTSEC-2023-0038.htmlghsaWEB
- crates.io/crates/sequoia-openpgpmitre
- lists.sequoia-pgp.org/hyperkitty/list/announce@lists.sequoia-pgp.org/thread/SN2E3QRT4DMQ5JNEK6VIN6DJ5SH766DI/mitre
News mentions
0No linked articles in our index yet.