DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

CVE-2025-67897

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-67897

Severity

5.3

Medium

CVSS V3

Description

In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.

References

  • https://images.chainguard.dev/security/CGA-jc6m-8hj7-4mp9
  • https://github.com/advisories/GHSA-v6x3-9r38-r27q
  • https://bugs.debian.org/1122582
  • https://gitlab.com/sequoia-pgp/sequoia/-/blob/b59886e5e7bdf7169ed330f309a6633d131776e5/openpgp/NEWS#L7-L26
  • https://gitlab.com/sequoia-pgp/sequoia/-/commit/b59886e5e7bdf7169ed330f309a6633d131776e5

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal