[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4223-1 gnupg1 -- gnupg1

ID: oval:org.secpod.oval:def:603424Date: (C)2018-06-11   (M)2023-12-20
Class: PATCHFamily: unix




Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email. Details can be found in the upstream advisory at https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html

Platform:
Debian 9.x
Product:
gpgv1
gnupg1
Reference:
DSA-4223-1
CVE-2018-12020
CVE    1
CVE-2018-12020
CPE    4
cpe:/o:debian:debian_linux:9.0
cpe:/a:gnupg:gnupg1
cpe:/o:debian:debian_linux:9.x
cpe:/o:debian:debian_linux:8.0
...

© SecPod Technologies