Описание
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.4.14-1ubuntu2 |
| lucid | released | 1.4.10-2ubuntu1.4 |
| precise | released | 1.4.11-3ubuntu2.4 |
| quantal | released | 1.4.11-3ubuntu4.3 |
| raring | released | 1.4.12-7ubuntu1.2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.0.20-1ubuntu3 |
| lucid | ignored | end of life |
| precise | released | 2.0.17-2ubuntu2.12.04.3 |
| quantal | released | 2.0.17-2ubuntu3.2 |
| raring | released | 2.0.19-2ubuntu1.1 |
| upstream | needs-triage |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bi ...
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
EPSS
5.8 Medium
CVSS2