3 matches found
proglottis/gpgme: Use-after-free in GPGME bindings during container image pull
A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...
[SECURITY] Fedora 20 Update: gpgme-1.3.2-5.fc20
GnuPG Made Easy GPGME is a library designed to make access to GnuPG easier for applications. It provides a high-level crypto API for encryption, decryption, signing, signature verification and key management...
UBUNTU-CVE-2014-3564
Multiple heap-based buffer overflows in the statushandler function in 1 engine-gpgsm.c and 2 engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."...