Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-9234

When using a GnuPG smartcard in 2.2.4+ with an offline master [C]ertify key, it is possible to sign the keys of others with only a [S]igning subkey present.

Source

Severity Low

Remote No

Type Insufficient validation

Description

When using a GnuPG smartcard in 2.2.4+ with an offline master [C]ertify key, it is possible to sign the keys of others with only a [S]igning subkey present.

AVG-943 gnupg 2.2.5-1 2.2.5-2 Low Fixed

https://bugs.archlinux.org/task/58120
https://dev.gnupg.org/T3844
https://dev.gnupg.org/rGa17d2d1f690ebe5d005b4589a5fe378b6487c657

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect