gpg4win vulnerabilities and exploits

(subscribe to this query)

9.8

CVSSv3

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

Gnupg Libksba Gpg4win Gpg4win Gnupg Vs-desktop Gnupg Gnupg

7.8

CVSSv3

GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences. The overflow is caused by a g10/key-check.c error. NOTE: GnuPG 2.3...

Gnupg Gnupg 2.2.21 Gnupg Gnupg 2.2.22 Gpg4win Gpg4win 3.1.12

NA

gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows remote malicious users to cause a denial of service (application crash) via a long certificate signature.

Gpg4win Gpg4win 2.0.1

1 EDB exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook