123 matches found
GHSA-QH62-CH95-63WH Duplicate Advisory: python-gnupg allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended
Withdrawn: Duplicate of GHSA-2fch-jvg5-crf6...
Duplicate Advisory: python-gnupg allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended
Withdrawn: Duplicate of GHSA-2fch-jvg5-crf6...
Fedora Update for python-gnupg FEDORA-2019-06f5bbdaf5
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: python-gnupg-0.4.4-1.fc30
GnuPG bindings for python. This uses the gpg command...
Ubuntu: Security Advisory (USN-3964-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : python-gnupg vulnerabilities (USN-3964-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3964-1 advisory. Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the...
USN-3964-1 python-gnupg vulnerabilities
Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...
USN-3964-1: python-gnupg vulnerabilities
Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...
Exploit for Improper Input Validation in Python Python-Gnupg
Summary It is a simple PoC of Improper Input Validation in py...
Improper Input Validation python-gnupg
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
entweet (=2.0.0), irrd (=4.0.0rc1) +1 more potentially affected by CVE-2019-6690 via python-gnupg (>=0.3.9 <=0.4.3)
python-gnupg PYPI version =0.3.9, =0.16.8, =0.23.0rc1 Source cves: CVE-2019-6690 Source advisory: OSV:GHSA-2FCH-JVG5-CRF6...
GHSA-2FCH-JVG5-CRF6 Improper Input Validation python-gnupg
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
OPENSUSE-SU-2019:0143-1 Security update for python-python-gnupg
This update for python-python-gnupg to version 0.4.4 fixes the following issues: Security issue fixed: - CVE-2019-6690: Added a check to disallow certain control characters '\r', '\n', NUL in passphrases boo1123498...
DEBIAN-CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
PYSEC-2019-115
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
PYSEC-2019-45
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
entweet (=2.0.0), irrd (=4.0.0rc1) +1 more potentially affected by CVE-2019-6690 via python-gnupg (>=0.3.9 <=0.4.3)
python-gnupg PYPI version =0.3.9, =0.16.8, =0.23.0rc1 Source cves: CVE-2019-6690 Source advisory: OSV:PYSEC-2019-115...
Input validation
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
UBUNTU-CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...