JLSEC-2026-564 In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized...

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.

Summary Vulnerabilities exists in IBM Cloud Pak for Data System CPDS 1.0 - Cyclops addressed in 11.3.1.1. Vulnerability Details CVEID:CVE-2022-3219 DESCRIPTION: GnuPG can be made to spin on a relatively small input by for example crafting a public key with thousands of signatures attached,...

Astra Linux - уязвимость в gnupg2

GnuPG versions up to 2.3.6 allow for signature forgery in unusual situations where an attacker possesses secret-key information from a victim’s keyring, and other constraints such as the use of GPGME are met. This can be achieved by injecting malicious data into the command line’s status line...

Astra Linux - уязвимость в gnupg2

In GnuPG before version 2.4.9, the armorfilter function in g10/armor.c had two increments of an index variable, where only one was intended. This led to a out-of-bounds write vulnerability with crafted inputs. This issue has been fixed in ExtendedLTS versions, 2.2.51 and later...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.1.1)

The version of AHV installed on the remote host is prior to AHV-11.0.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.1.1 advisory. - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics...

Security Bulletin: Muliple security vulnerabilities found in IBM CICS TX Standard.

Summary Multiple security vulnerabilities found in IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address multiple vulnerabilities in brotli, gnutls, libssh, openssl, curl, binutils, gnupg2, glib2 packages. Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue...

Fedora: Security Advisory (FEDORA-2026-936a74ccc0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-8f1d7b6821)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 42 Update: rust-sequoia-chameleon-gnupg-0.13.1-11.fc42

Sequoia's reimplementation of the GnuPG interface...

[SECURITY] Fedora 44 Update: rust-sequoia-chameleon-gnupg-0.13.1-11.fc44

Sequoia's reimplementation of the GnuPG interface...

Fedora 42 : rust-pty-process / rust-sequoia-chameleon-gnupg (2026-8f1d7b6821)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8f1d7b6821 advisory. Rebuild rust-sequoia-chameleon-gnupg with rust-tar 0.4.45 for CVE-2026-33056. Update rust-pty-process to 0.5.3, and adjust the dev-dependency in...

Fedora 44 : rust-pty-process / rust-sequoia-chameleon-gnupg (2026-29e1155702)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-29e1155702 advisory. Rebuild rust-sequoia-chameleon-gnupg with rust-tar 0.4.45 for CVE-2026-33056. Update rust-pty-process to 0.5.3, and adjust the dev-dependency in...

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2026-1554)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

How to Manually Update GPG key on Veeam Hardened Repository Appliance

Article Applicability This article is specifically regarding the Veeam Hardened Repository ISO v2 appliance, which was distributed alongside Veeam Backup & Replication 12. For information about manually updating the GPG key on the appliances associated with Veeam Backup & Replication 13, review...

EulerOS 2.0 SP13 : gnupg2 (EulerOS-SA-2026-1238)

According to the versions of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write...

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2026-1238)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gnupg2 (UTSA-2026-005933)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005933 advisory. In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.8)

The version of AHV installed on the remote host is prior to AHV-10.0.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.8 advisory. - In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended,...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.1.4)

The version of AHV installed on the remote host is prior to AHV-10.3.1.4. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.1.4 advisory. - In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended,...

Security update for gpg2

This update for gpg2 fixes the following issues: Security fix: Fixed GnuPG accepting Path Separators and Path Traversals in Literal Data bsc1256389 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...