CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
92.3%
Secunia reports:
A vulnerability has been reported in GnuPG, which can potentially
be exploited to compromise a vulnerable system.
The vulnerability is caused due to an error when importing keys
with duplicated IDs. This can be exploited to cause a memory
corruption when importing keys via --refresh-keys or --import.
Successful exploitation potentially allows execution of arbitrary
code, but has not been proven yet.