Max CVSS | 5.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-12020 | 5.0 |
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" optio
|
18-04-2022 - 17:30 | 08-06-2018 - 21:29 | |
CVE-2018-9234 | 5.0 |
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.
|
27-02-2019 - 19:37 | 04-04-2018 - 00:29 |