CVE-2026-24883

Опубликовано: 27 янв. 2026

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 3.7

Описание

In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash).

Релиз	Статус	Примечание
devel	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
jammy	not-affected	code not present
noble	not-affected	code not present
questing	not-affected	code not present
upstream	released	2.5.17

Показывать по

Ссылки на источники

EPSS

Процентиль: 2%

0.00014

Низкий

3.7 Low

CVSS3

Связанные уязвимости

CVE-2026-24883

CVSS3: 3.7

nvd

11 дней назад

In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash).

CVE-2026-24883

CVSS3: 3.7

debian

11 дней назад

In GnuPG before 2.5.17, a long signature packet length causes parse_si ...

GHSA-7246-cvp4-g68w

CVSS3: 3.7

github

11 дней назад

In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash).

openSUSE-SU-2026:20136-1

suse-cvrf

9 дней назад

Security update for gpg2

EPSS

Процентиль: 2%

0.00014

Низкий

3.7 Low

CVSS3

CVE-2026-24883

Описание

Пакет gnupg2

Ссылки на источники

Связанные уязвимости