1377 matches found
CentOS 9 : rust-rpm-sequoia-1.10.2.1-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rust- rpm-sequoia-1.10.2.1-1.el9 build changelog. - Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and...
[SECURITY] Fedora 44 Update: rust-sequoia-sqv-1.3.0-6.fc44
A simple OpenPGP signature verification program...
CVE-2026-42783
openpgp: Reject nested embedded signatures...
GNU Privacy Guard 2.5.20
GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...
Fedora 45 : rust-podman-sequoia / rust-rpm-sequoia / etc (2026-5272623baf)
The remote Fedora 45 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5272623baf advisory. Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-...
[SECURITY] Fedora 44 Update: gnutls-3.8.13-1.fc44
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...
GNU Transport Layer Security Library 3.8.13
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...
GHSA-CJ8J-37RH-8475 Bouncy Castle Uncontrolled Resource Consumption vulnerability
Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This issue affects BC-JAVA before 1.84. Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion...
JLSEC-2026-123
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...
CLSA-2026-1776169648 python3.9: Fix of CVE-2026-4519
CVE-2026-4519: reject leading dashes in webbrowser URLs - Update pubkeys.txt with refreshed Łukasz Langa GPG key expired 2025-05-12...
CVE-2026-2625 Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification
A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager RPM file. During the RPM signature verification process, this crafted file can trigger an error in the OpenPGP signature parsing code, leading to an...
CVE-2026-2625 Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification
A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager RPM file. During the RPM signature verification process, this crafted file can trigger an error in the OpenPGP signature parsing code, leading to an...
Red Hat Enterprise Linux 10 数据伪造问题漏洞
Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. Red Hat Enterprise Linux 10 has a vulnerability related to data falsification. This vulnerability stems from errors in the OpenPGP signature parsing code, which may lead to...
OESA-2026-1468 thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were render...
[SECURITY] Fedora 42 Update: gnutls-3.8.11-3.fc42
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...
GNU Transport Layer Security Library 3.8.12
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...
[SECURITY] Fedora 43 Update: gnupg2-2.4.9-5.fc43
GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described...
[SECURITY] Fedora 43 Update: rust-sequoia-sqv-1.3.0-5.fc43
A simple OpenPGP signature verification program...