Published: 25/10/2014 Updated: 27/10/2014

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

VMScore: 392

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

python-gnupg 0.3.5 and 0.3.6 allows context-dependent malicious users to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.

Vulnerable Product	Search on Vulmon	Subscribe to Product
python-gnupg project python-gnupg 0.3.6
python-gnupg project python-gnupg 0.3.5

Debian Bug report logs - #738509 python-gnupg: CVE-2013-7323 CVE-2014-1927 CVE-2014-1928 CVE-2014-1929 Package: src:python-gnupg; Maintainer for src:python-gnupg is Elena Grandi <valhalla@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Feb 2014 05:33:01 UTC Severity: grave Tags: secur ...

CWE-20 http://seclists.org/oss-sec/2014/q1/245 http://secunia.com/advisories/59031 http://www.debian.org/security/2014/dsa-2946 http://seclists.org/oss-sec/2014/q1/335 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738509 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-1929

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect