4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
45.9%
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification,
returns a 0 exit code in certain cases even when the detached signature
file does not carry a signature, which could cause programs that use gpgv
to assume that the signature verification has succeeded. Note: this also
occurs when running the equivalent command “gpg --verify”.