PT-2026-51574
Name of the Vulnerable Software and Affected Versions GnuPG versions prior to 2.5.21 Description CMS Cryptographic Message Syntax parsing in gpgsm mishandles the CMS format for AES-GCM. The issue occurs because the aes-ICVlen is accepted as 4 bytes, whereas it is supposed to be 12 bytes...