Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-3219

Опубликовано: 23 фев. 2023
Источник: debian

Описание

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gnupg2unfixedpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2127010

  • https://dev.gnupg.org/D556

  • https://dev.gnupg.org/T5993

  • https://www.openwall.com/lists/oss-security/2022/07/04/8

  • GnuPG upstream is not implementing this change.

Связанные уязвимости

ubuntu логотип

CVE-2022-3219

CVSS3: 3.3
ubuntu
почти 3 года назад

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.

redhat логотип

CVE-2022-3219

CVSS3: 6.2
redhat
больше 3 лет назад

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.

nvd логотип

CVE-2022-3219

CVSS3: 3.3
nvd
почти 3 года назад

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.

github логотип

GHSA-pf7g-97vv-qmrr

CVSS3: 5.5
github
почти 3 года назад

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.