Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/rnp@0.18.1-1.1?distro=trixie
purl pkg:deb/debian/rnp@0.18.1-1.1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-eu3v-wzxr-pbd3 Certain malformed OpenPGP messages could trigger incorrect parsing of PKESK/SKESK packets due to a bug in the Ribose RNP library used by Thunderbird up to version 102.9.1, which would cause the Thunderbird user interface to hang. The issue was discovered using Google's oss-fuzz. CVE-2023-29479
VCID-t2ak-y8du-pfft librnp uses weak random number generation such that generated keys can be easily cracked. CVE-2025-13470
VCID-w7s3-7ab3-xyeb Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use. CVE-2023-29480
VCID-x486-a1u1-jqau Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm. CVE-2021-33589

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:49:43.949300+00:00 Debian Importer Fixing VCID-t2ak-y8du-pfft https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:25:47.870195+00:00 Debian Importer Fixing VCID-w7s3-7ab3-xyeb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:48:46.080742+00:00 Debian Importer Fixing VCID-x486-a1u1-jqau https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:34:15.262185+00:00 Debian Importer Fixing VCID-eu3v-wzxr-pbd3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-12T18:15:44.810695+00:00 Debian Importer Fixing VCID-t2ak-y8du-pfft https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T18:15:44.750124+00:00 Debian Importer Fixing VCID-w7s3-7ab3-xyeb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T18:15:44.705360+00:00 Debian Importer Fixing VCID-eu3v-wzxr-pbd3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T18:15:44.660216+00:00 Debian Importer Fixing VCID-x486-a1u1-jqau https://security-tracker.debian.org/tracker/data/json 38.3.0