CVE-2018-12356
CVE-2018-12356 affects Simple Password Store (pass) in password-store.sh prior to 1.7.2. The signature verification routine improperly parses GnuPG output with an incomplete regular expression, enabling remote spoofing of file signatures on configuration files and on extension scripts. This allow...