14 matches found
EUVD-2022-0836
Malicious code in bioql PyPI...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
Privilege Escalation
pear/cryptgpg is vulnerable to privilege escalation. The vulnerability exists in GPG.php file because there are no end-of-option markers before operation arguments allowing remote attackers to parse additional options during external calls to the library...
Crypt_GPG does not prevent additional options in GPG calls
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
GHSA-59X4-67MH-PX54 Crypt_GPG does not prevent additional options in GPG calls
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
Code injection
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
CVE-2022-24953
CVE-2022-24953 affects the Crypt_GPG extension for PHP prior to version 1.6.7. The issue is that it does not block additional options in GPG calls, creating risk in certain environments and with certain GPG versions. The initial documents do not provide exploit details; the description implies th...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
Crypt_GPG 参数注入漏洞
CryptGPG is a PHP package that interacts with GNU Privacy Guard GnuPG. CryptGPG suffers from a parameter injection vulnerability that stems from the fact that the Crypt GPG extension prior to PHP 1.6.7 does not block additional options in GPG calls...