Home > Vulnerability Database > CVE-2023-53160

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2023-53160

Good to know:

Date: July 27, 2025

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.

Severity Score

2.9

Related Resources (11)

Url: https://github.com/advisories/GHSA-25mx-8f3v-8wh7

Url: https://rustsec.org/advisories/RUSTSEC-2023-0038.html

Url: https://gitlab.com/sequoia-pgp/sequoia

Url: https://lists.sequoia-pgp.org/hyperkitty/list/announce@lists.sequoia-pgp.org/thread/SN2E3QRT4DMQ5JNEK6VIN6DJ5SH766DI

Url: https://gitlab.com/sequoia-pgp/sequoia/-/blob/main/openpgp/NEWS

Url: https://crates.io/crates/sequoia-openpgp

Url: https://gitlab.com/sequoia-pgp/sequoia/-/tags/openpgp%2Fv1.16.0

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-53160

Url: https://lists.sequoia-pgp.org/hyperkitty/list/announce@lists.sequoia-pgp.org/thread/SN2E3QRT4DMQ5JNEK6VIN6DJ5SH766DI/

Url: https://github.com/advisories/GHSA-29mf-62xx-28jq

Url: https://www.mend.io/vulnerability-database/CVE-2023-53160

Severity Score

2.9

Weakness Type (CWE)

Out-of-bounds Read

CWE-125

Top Fix

Upgrade Version

Upgrade to version sequoia-openpgp - 1.1.1;sequoia-openpgp - 1.8.1;sequoia-openpgp - 1.16.0

CVSS v3.1

Base Score:	2.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Do you need more information?

Contact Us