Vendor
Rnpgp
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13470 | Hig | 0.42 | 7.5 | 0.00 | Nov 21, 2025 | In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key… | ||
| CVE-2023-29479 | 0.00 | — | 0.01 | Apr 24, 2023 | Ribose RNP before 0.16.3 may hang when the input is malformed. | |||
| CVE-2023-29480 | 0.00 | — | 0.00 | Apr 24, 2023 | Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use. | |||
| CVE-2021-33589 | 0.00 | — | 0.00 | Apr 21, 2023 | Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm. |
- risk 0.42cvss 7.5epss 0.00
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key…
- CVE-2023-29479Apr 24, 2023risk 0.00cvss —epss 0.01
Ribose RNP before 0.16.3 may hang when the input is malformed.
- CVE-2023-29480Apr 24, 2023risk 0.00cvss —epss 0.00
Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use.
- CVE-2021-33589Apr 21, 2023risk 0.00cvss —epss 0.00
Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm.