5 matches found
SUSE-SU-2025:20458-1 Security update for gpg2
This update for gpg2 fixes the following issues: Fixed regressions for the recent malicious subkey DoS fix for CVE-2025-30258 bsc1239119...
Security update for gpg2
This update for gpg2 fixes the following issues: Fix regression for the recent malicious subkey DoS fix in CVE-2025-30258. bsc1236931, bsc1239119, CVE-2025-30258 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid...
Ansible: code injection when using ansible_facts as a subkey
A flaw was found in the Ansible Engine. When using ansiblefacts as a subkey of itself, and promoting it to a variable when injecting is enabled, overwriting the ansiblefacts after the clean, an attacker could take advantage of this by altering the ansiblefacts leading to privilege escalation or...
UBUNTU-CVE-2020-10684
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansiblefacts after the clean. An attacker could take advantag...