rpm package
opensuse/rnp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rnp&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-13470 | Hig | 7.5 | < 0.18.1-1.1 | 0.18.1-1.1 | Nov 21, 2025 | In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encr |
- affected < 0.18.1-1.1fixed 0.18.1-1.1
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encr