5 matches found
AlmaLinux 8 : gnupg2 (ALSA-2020:4490)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4490 advisory. - GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery CSRF vulnerability in dirmngr that can result in Attacker controlled CSRF, Informatio...
GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service...
EulerOS Virtualization for ARM 64 3.0.6.0 : gnupg2 (EulerOS-SA-2020-1358)
According to the version of the gnupg2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it...
Updated thunderbird packages fix security vulnerability
Sandbox escape via installation of malicious language pack. CVE-2019-9811 Script injection within domain through inner window reuse. CVE-2019-11711 Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects. CVE-2019-11712 Use-after-free with HTTP/2 cached stream...
UBUNTU-CVE-2019-13050
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service...