Lucene search
K

22 matches found

OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-4839-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.08654EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/12/29 12:0 a.m.22 views

Debian: Security Advisory (DLA-2862-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.08654EPSS
Exploits2References4
Debian
Debian
added 2021/12/28 9:13 p.m.34 views

[SECURITY] [DLA 2862-1] python-gnupg security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2862-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 29, 2021 https://wiki.debian.org/LTS -...

7.5CVSS8.6AI score0.08654EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/15 10:21 p.m.52 views

USN-4839-1: python-gnupg vulnerabilities

Marcus Brinkmann discovered that python-gnupg improperly handled certain command line parameters. A remote attacker could use this to spoof the output of python-gnupg and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...

7.5CVSS7.1AI score0.08654EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2020/07/14 12:0 a.m.55 views

Fedora 31 : python-gnupg (2020-e67d007a67)

New python-gnupg version Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Securit...

7.5CVSS7.4AI score0.08548EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/07/14 12:0 a.m.32 views

Fedora 32 : python-gnupg (2020-17fb3273b2)

New python-gnupg version Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Securit...

7.5CVSS7.4AI score0.08548EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2019/05/03 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-3964-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.08654EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/05/03 12:0 a.m.50 views

Ubuntu 18.04 LTS : python-gnupg vulnerabilities (USN-3964-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3964-1 advisory. Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the...

7.5CVSS7.3AI score0.08654EPSS
Exploits2References3
vulnersOsv
vulnersOsv
added 2019/03/25 4:17 p.m.7 views

entweet (=2.0.0), irrd (=4.0.0rc1) +1 more potentially affected by CVE-2019-6690 via python-gnupg (>=0.3.9 <=0.4.3)

python-gnupg PYPI version =0.3.9, =0.16.8, =0.21.0 Source cves: CVE-2019-6690 Source advisory: OSV:GHSA-2FCH-JVG5-CRF6...

7.5CVSS7.1AI score0.08548EPSS
Exploits2
NVD
NVD
added 2019/03/21 4:1 p.m.19 views

CVE-2019-6690

python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...

7.5CVSS7.4AI score0.08548EPSS
Exploits2References13
OSV
OSV
added 2019/03/21 4:1 p.m.9 views

CVE-2019-6690

python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...

7.5CVSS7.4AI score0.08548EPSS
Exploits2References13
vulnersOsv
vulnersOsv
added 2019/03/21 4:1 p.m.11 views

entweet (=2.0.0), irrd (=4.0.0rc1) +1 more potentially affected by CVE-2019-6690 via python-gnupg (>=0.3.9 <=0.4.3)

python-gnupg PYPI version =0.3.9, =0.16.8, =0.21.0 Source cves: CVE-2019-6690 Source advisory: OSV:PYSEC-2019-115...

7.5CVSS7.1AI score0.08548EPSS
Exploits2
OSV
OSV
added 2019/03/21 12:0 a.m.4 views

UBUNTU-CVE-2019-6690

python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...

7.5CVSS7.3AI score0.08548EPSS
Exploits2References7
CVE
CVE
added 2019/03/17 5:2 p.m.213 views

CVE-2019-6690

CVE-2019-6690 affects python-gnupg 0.4.3. A context-dependent flaw lets an attacker, if they control the GnuPG passphrase and the ciphertext is trusted, cause decryption of ciphertext other than intended (CWE-20: Improper Input Validation). Impact described in sources includes manipulation of enc...

7.5CVSS7.2AI score0.08548EPSS
Exploits2References13Affected Software1
Mageia
Mageia
added 2019/03/07 4:34 p.m.36 views

Updated python-gnupg packages fix security vulnerability

When symmetric encryption is used, data can be injected through the passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt methods. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on th...

7.5CVSS2.6AI score0.08548EPSS
Exploits2References2
OSV
OSV
added 2019/03/07 4:34 p.m.8 views

MGASA-2019-0105 Updated python-gnupg packages fix security vulnerability

When symmetric encryption is used, data can be injected through the passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt methods. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on th...

7.5CVSS7.3AI score0.08548EPSS
Exploits2References3
OSV
OSV
added 2019/02/23 3:47 p.m.6 views

OPENSUSE-SU-2019:0239-1 Security update for python-python-gnupg

This update for python-python-gnupg to version 0.4.4 fixes the following issues: Security issue fixed: - CVE-2019-6690: Added a check to disallow certain control characters '\r', '\n', NUL in passphrases boo1123498. This update was imported from the openSUSE:Leap:15.0:Update update project...

7.5CVSS7.4AI score0.08548EPSS
Exploits2References3
Debian
Debian
added 2019/02/14 2:0 p.m.119 views

[SECURITY] [DLA 1675-1] python-gnupg security update

Package : python-gnupg Version : 0.3.6-1+deb8u1 CVE ID : CVE-2019-6690 Alexander Kjäll and Stig Palmquist discovered a vulnerability in python-gnupg, a wrapper around GNU Privacy Guard. It was possible to inject data through the passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt...

7.5CVSS7.3AI score0.08548EPSS
Exploits2
OpenVAS
OpenVAS
added 2019/02/07 12:0 a.m.24 views

openSUSE: Security Advisory for python-python-gnupg (openSUSE-SU-2019:0143-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.08548EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.41 views

openSUSE Security Update : python-python-gnupg (openSUSE-2019-143)

This update for python-python-gnupg to version 0.4.4 fixes the following issues : Security issue fixed : - CVE-2019-6690: Added a check to disallow certain control characters '\r', '\n', NUL in passphrases boo1123498. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

7.5CVSS7.4AI score0.08548EPSS
Exploits2References2
Rows per page
Query Builder