CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
92.5%
Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage
flags as being valid for all usages. (CVE-2013-4351)
Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP
messages. If a user or automated system were tricked into processing a
specially-crafted message, GnuPG could consume resources, resulting in a
denial of service. (CVE-2013-4402)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 13.04 | noarch | gnupg2 | < 2.0.19-2ubuntu1.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | gnupg-agent | < 2.0.19-2ubuntu1.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | gpgsm | < 2.0.19-2ubuntu1.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | scdaemon | < 2.0.19-2ubuntu1.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | gnupg | < 1.4.12-7ubuntu1.2 | UNKNOWN |
Ubuntu | 13.04 | noarch | gnupg-curl | < 1.4.12-7ubuntu1.2 | UNKNOWN |
Ubuntu | 13.04 | noarch | gnupg-udeb | < 1.4.12-7ubuntu1.2 | UNKNOWN |
Ubuntu | 13.04 | noarch | gpgv | < 1.4.12-7ubuntu1.2 | UNKNOWN |
Ubuntu | 13.04 | noarch | gpgv-udeb | < 1.4.12-7ubuntu1.2 | UNKNOWN |
Ubuntu | 12.10 | noarch | gnupg2 | < 2.0.17-2ubuntu3.2 | UNKNOWN |