Summary
Detail | |||
---|---|---|---|
Vendor | Gnupg | First view | 2005-05-02 |
Product | Gnupg | Last view | 2023-01-12 |
Version | 1.3.4 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:gnupg:gnupg |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.8 | 2023-01-12 | CVE-2022-3515 | A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. |
6.5 | 2022-07-01 | CVE-2022-34903 | GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. |
7.5 | 2020-03-20 | CVE-2019-14855 | A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18. |
5.9 | 2019-11-29 | CVE-2015-0837 | The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack." |
4.2 | 2019-11-29 | CVE-2014-3591 | Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication. |
5.3 | 2019-11-27 | CVE-2011-2207 | dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate. |
5.5 | 2019-11-20 | CVE-2015-1607 | kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges." |
5.5 | 2019-11-20 | CVE-2015-1606 | The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. |
7.5 | 2019-06-29 | CVE-2019-13050 | Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack. |
8.8 | 2018-12-20 | CVE-2018-1000858 | GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060. |
7.5 | 2018-06-08 | CVE-2018-12020 | mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. |
5.3 | 2016-12-13 | CVE-2016-6313 | The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits. |
5 | 2014-06-25 | CVE-2014-4617 | The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. |
2.1 | 2013-12-20 | CVE-2013-4576 | GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE. |
1.9 | 2013-08-19 | CVE-2013-4242 | GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. |
8.1 | 2010-08-05 | CVE-2010-2547 | Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature. |
5 | 2007-03-06 | CVE-2007-1263 | GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection. |
5 | 2006-06-19 | CVE-2006-3082 | parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. |
5 | 2005-05-02 | CVE-2005-0366 | The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
16% (3) | CWE-200 | Information Exposure |
11% (2) | CWE-416 | Use After Free |
11% (2) | CWE-326 | Inadequate Encryption Strength |
11% (2) | CWE-295 | Certificate Issues |
11% (2) | CWE-20 | Improper Input Validation |
5% (1) | CWE-706 | Use of Incorrectly-Resolved Name or Reference |
5% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
5% (1) | CWE-255 | Credentials Management |
5% (1) | CWE-203 | Information Exposure Through Discrepancy |
5% (1) | CWE-190 | Integer Overflow or Wraparound |
5% (1) | CWE-189 | Numeric Errors |
5% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
66624 | GnuPG GPGSM kbx/keybox-blob.c Crafted Certificate Use-after-free Arbitrary Co... |
33501 | GnuPG / GPGME Unsigned OpenPGP Message Weakness |
26770 | GnuPG parse-packet.c Large Packet Length DoS |
13775 | OpenPGP CFB Module Quick Check Feature Information Disclosure |
OpenVAS Exploits
id | Description |
---|---|
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-15 (GnuPG) File : nvt/glsa_201110_15.nasl |
2011-08-09 | Name : CentOS Update for gnupg2 CESA-2010:0603 centos5 i386 File : nvt/gb_CESA-2010_0603_gnupg2_centos5_i386.nasl |
2010-08-21 | Name : Debian Security Advisory DSA 2076-1 (gnupg2) File : nvt/deb_2076_1.nasl |
2010-08-20 | Name : Fedora Update for gnupg2 FEDORA-2010-11382 File : nvt/gb_fedora_2010_11382_gnupg2_fc12.nasl |
2010-08-13 | Name : Ubuntu Update for gnupg2 vulnerability USN-970-1 File : nvt/gb_ubuntu_USN_970_1.nasl |
2010-08-06 | Name : Fedora Update for gnupg2 FEDORA-2010-11413 File : nvt/gb_fedora_2010_11413_gnupg2_fc13.nasl |
2010-08-06 | Name : RedHat Update for gnupg2 RHSA-2010:0603-01 File : nvt/gb_RHSA-2010_0603-01_gnupg2.nasl |
2010-08-02 | Name : Mandriva Update for gnupg2 MDVSA-2010:143 (gnupg2) File : nvt/gb_mandriva_MDVSA_2010_143.nasl |
2009-10-10 | Name : SLES9: Security update for gpg File : nvt/sles9p5021295.nasl |
2009-10-10 | Name : SLES9: Security update for gpg File : nvt/sles9p5020588.nasl |
2009-04-09 | Name : Mandriva Update for gnupg MDKSA-2007:059 (gnupg) File : nvt/gb_mandriva_MDKSA_2007_059.nasl |
2009-03-23 | Name : Ubuntu Update for gnupg vulnerability USN-432-1 File : nvt/gb_ubuntu_USN_432_1.nasl |
2009-03-23 | Name : Ubuntu Update for gnupg2, gpgme1.0 vulnerability USN-432-2 File : nvt/gb_ubuntu_USN_432_2.nasl |
2009-02-27 | Name : Fedora Update for gnupg FEDORA-2007-316 File : nvt/gb_fedora_2007_316_gnupg_fc5.nasl |
2009-01-28 | Name : SuSE Update for gpg SUSE-SA:2007:024 File : nvt/gb_suse_2007_024.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-29 (GnuPG) File : nvt/glsa_200503_29.nasl |
2008-09-04 | Name : FreeBSD Ports: gnupg File : nvt/freebsd_gnupg3.nasl |
2008-09-04 | Name : FreeBSD Ports: gnupg File : nvt/freebsd_gnupg0.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1266-1 (gnupg) File : nvt/deb_1266_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1115-1 (gnupg2) File : nvt/deb_1115_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1107-1 (gnupg) File : nvt/deb_1107_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-240-01 gnupg2 File : nvt/esoft_slk_ssa_2010_240_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-066-01 gnupg File : nvt/esoft_slk_ssa_2007_066_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2006-178-02 gnupg DoS File : nvt/esoft_slk_ssa_2006_178_02.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2014-A-0062 | Multiple Vulnerabilities In McAfee Email Gateway Severity: Category I - VMSKEY: V0050005 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-14 | Name: The remote Fedora host is missing a security update. File: fedora_2019-75a8da28f0.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-3dc16842e2.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4ef71d3525.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a4e13742b4.nasl - Type: ACT_GATHER_INFO |
2018-10-26 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1324.nasl - Type: ACT_GATHER_INFO |
2018-10-26 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1333.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-0013.nasl - Type: ACT_GATHER_INFO |
2018-08-10 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1223.nasl - Type: ACT_GATHER_INFO |
2018-08-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1045.nasl - Type: ACT_GATHER_INFO |
2018-07-20 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1221.nasl - Type: ACT_GATHER_INFO |
2018-07-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-2180.nasl - Type: ACT_GATHER_INFO |
2018-07-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-2181.nasl - Type: ACT_GATHER_INFO |
2018-07-06 | Name: The remote Fedora host is missing a security update. File: fedora_2018-69780fc4d7.nasl - Type: ACT_GATHER_INFO |
2018-06-29 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1045.nasl - Type: ACT_GATHER_INFO |
2018-06-20 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-170-01.nasl - Type: ACT_GATHER_INFO |
2018-06-19 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-84fdbd021f.nasl - Type: ACT_GATHER_INFO |
2018-06-11 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-159-01.nasl - Type: ACT_GATHER_INFO |
2018-06-11 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4222.nasl - Type: ACT_GATHER_INFO |
2018-06-11 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4223.nasl - Type: ACT_GATHER_INFO |
2018-06-11 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4224.nasl - Type: ACT_GATHER_INFO |
2018-06-11 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_7da0417f6b2411e884cc002590acae31.nasl - Type: ACT_GATHER_INFO |
2017-05-16 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL21284031.nasl - Type: ACT_GATHER_INFO |
2017-05-01 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2016-1081.nasl - Type: ACT_GATHER_INFO |
2016-12-05 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201612-01.nasl - Type: ACT_GATHER_INFO |