Описание
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 1.4.16-1ubuntu2.6+esm1 |
| esm-infra/focal | DNE | |
| esm-infra/xenial | released | 1.4.20-1ubuntu3.3+esm2 |
| focal | DNE | |
| impish | DNE | |
| jammy | DNE | |
| trusty | DNE | |
| trusty/esm | released | 1.4.16-1ubuntu2.6+esm1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.2.4-1ubuntu1.6 |
| devel | released | 2.2.27-3ubuntu3 |
| esm-infra/bionic | not-affected | 2.2.4-1ubuntu1.6 |
| esm-infra/focal | not-affected | 2.2.19-3ubuntu2.2 |
| esm-infra/xenial | released | 2.1.11-6ubuntu2.1+esm1 |
| focal | released | 2.2.19-3ubuntu2.2 |
| impish | released | 2.2.20-1ubuntu4.1 |
| jammy | released | 2.2.27-3ubuntu2.1 |
| trusty | DNE | |
| upstream | released | 2.2.35-3 |
Показывать по
Ссылки на источники
EPSS
5.8 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
GnuPG through 2.3.6, in unusual situations where an attacker possesses ...
EPSS
5.8 Medium
CVSS2
6.5 Medium
CVSS3