10 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-24972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kleopatra component before 3.1.12 and before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported...
SUSE CVE-2020-24972
The Kleopatra component before 3.1.12 and before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL...
CVE-2020-24972
The Kleopatra component before 3.1.12 and before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL...
Updated kleopatra packages fix a security vulnerability
The Kleopatra component before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary library. CVE-2020-24972...
GLSA-202008-21 : Kleopatra: Remote code execution
The remote host is affected by the vulnerability described in GLSA-202008-21 Kleopatra: Remote code execution Kleopatra did not safely escape command line parameters provided by URLs, which it configures itself to handle. Impact : A remote attacker could entice a user to process a specially craft...
Kleopatra: Remote code execution
Background Kleopatra is a certificate manager and a universal crypto GUI. It supports managing X.509 and OpenPGP certificates in the GpgSM keybox and retrieving certificates from LDAP servers. Description Kleopatra did not safely escape command line parameters provided by URLs, which it configure...
CVE-2020-24972
The Kleopatra component before 3.1.12 and before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL...
CVE-2020-24972
CVE-2020-24972 affects Kleopatra prior to 3.1.12 (and prior to 20.07.80) for GnuPG. The flaw allows remote code execution via openpgp4fpr: URLs being processed without safe handling of command-line options; the Qt platformpluginpath option can load an arbitrary DLL. Multiple vendor advisories (op...
CVE-2020-24972
The Kleopatra component before 3.1.12 and before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL...
CVE-2020-24972
The Kleopatra component before 3.1.12 and before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL...