410 matches found
Important: gnupg2
Issue Overview: In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions. CVE-2025-68973 Affected Packages: gnupg2 Issue Correction: Ru...
SUSE-SU-2026:0378-1 Security update for gpg2
This update for gpg2 fixes the following issues: - CVE-2025-68973: Fixed possile memory corruption in the armor parser T7906 bsc1255715 - Fixed GnuPG Accepting Path Separators and Path Traversals in Literal Data bsc1256389 - Fixed Cleartext Signature Forgery in the NotDashEscaped header...
RHSA-2026:1677 Red Hat Security Advisory: gnupg2 security update
Bulletin has no description...
RHSA-2026:1629 Red Hat Security Advisory: gnupg2 security update
Bulletin has no description...
Important: Red Hat Security Advisory: gnupg2 security update
An update for gnupg2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...
Important: Red Hat Security Advisory: gnupg2 security update
An update for gnupg2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : gnupg2 (RHSA-2026:1719)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1719 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Securi...
RHEL 7 : gnupg2 (RHSA-2026:1677)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1677 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Securi...
RHEL 10 : gnupg2 (RHSA-2026:1629)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1629 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards...
Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2026-1117)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : gnupg2 (EulerOS-SA-2026-1168)
According to the versions of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that...
SUSE CVE-2026-24883
In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...
Photon OS 5.0: Gnupg PHSA-2026-5.0-0737
An update of the gnupg package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0737. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CLSA-2026-1769679566 gnupg2: Fix of CVE-2025-68973
CVE-2025-68973: fix out-of-bounds write in armorfilter function by correcting index variable increments...
RHSA-2026:1468 Red Hat Security Advisory: gnupg2 security update
Bulletin has no description...
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...
Important: Red Hat Security Advisory: gnupg2 security update
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2026-24883
A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service DoS, making the GnuPG application unavailable to legitimate users. Mitigation Mitigation for...