CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Tenable Nessus•added 2025/08/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2019-11841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP...

5.9CVSS7.1AI score0.00397EPSS

Exploits2References2

OSV•added 2023/08/23 2:38 p.m.•30 views

GO-2023-1992 Misleading message verification in golang.org/x/crypto/openpgp/clearsign

The clearsign package accepts some malformed messages, making it possible for an attacker to trick a human user but not a Go program into thinking unverified text is part of the message. With fix, messages with malformed headers in the SIGNED MESSAGE section are rejected...

5.9CVSS5.7AI score0.00397EPSS

Exploits2References3

Tenable Nessus•added 2023/06/16 12:0 a.m.•41 views

Debian dla-3455 : golang-golang-x-crypto-dev - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3455 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3455-1 [email protected]...

7.5CVSS7.2AI score0.18682EPSS

Exploits8References8

SUSE CVE•added 2023/02/15 4:11 a.m.•1 views

SUSE CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

5.9CVSS6.8AI score0.00397EPSS

Exploits2References3