The read_block function in g10/import.c in GnuPG 1.4.x prior to 1.4.13 and 2.0.x up to and including 2.0.19, when importing a key, allows remote malicious users to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
gnupg gnupg 1.4.8 |
||
gnupg gnupg 1.4.10 |
||
gnupg gnupg 1.4.4 |
||
gnupg gnupg 1.4.0 |
||
gnupg gnupg 1.4.12 |
||
gnupg gnupg 1.4.2 |
||
gnupg gnupg 1.4.11 |
||
gnupg gnupg 1.4.3 |
||
gnupg gnupg 1.4.5 |
||
gnupg gnupg 2.0.1 |
||
gnupg gnupg 2.0.7 |
||
gnupg gnupg 2.0.15 |
||
gnupg gnupg 2.0.8 |
||
gnupg gnupg 2.0.11 |
||
gnupg gnupg 2.0.6 |
||
gnupg gnupg 2.0.10 |
||
gnupg gnupg 2.0.13 |
||
gnupg gnupg 2.0 |
||
gnupg gnupg 2.0.5 |
||
gnupg gnupg 2.0.17 |
||
gnupg gnupg 2.0.12 |
||
gnupg gnupg 2.0.18 |
||
gnupg gnupg 2.0.16 |
||
gnupg gnupg 2.0.14 |
||
gnupg gnupg 2.0.4 |
||
gnupg gnupg 2.0.3 |
||
gnupg gnupg 2.0.19 |
Vulmon