2 matches found
CVE-2014-1929
The CVE-2014-1929 entry concerns python-gnupg versions 0.3.5 and 0.3.6. It states an option-injection via positional arguments allows context-dependent attackers to achieve an unspecified impact, stemming from an incomplete fix for CVE-2013-7323. Connected documents corroborate related shell-quot...
CVE-2014-1928
The connected advisories confirm a shell_quote handling flaw in python-gnupg 0.3.5 (and related 0.3.6) where improper quoting enables context-dependent code execution via shell metacharacters. Root cause is an incomplete fix for CVE-2013-7323. Impact is arbitrary code execution through crafted in...