Lucene search
Veracode Vulnerability DatabaseVERACODE:34279HistoryFeb 18, 2022 - 8:43 a.m.
Privilege Escalation
2022-02-1808:43:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
26.2%
pear/crypt_gpg is vulnerable to privilege escalation. The vulnerability exists in GPG.php file because there are no end-of-option markers before operation arguments allowing remote attackers to parse additional options during external calls to the library.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pear/crypt_gpg | le | v1.6.6 | |
| php-crypt-gpg:sid | eq | 1.6.0-1 | |
| pear/crypt_gpg | le | v1.6.6 | |
| php-crypt-gpg:sid | eq | 1.6.0-1 |
Related
github
github
Crypt_GPG does not prevent additional options in GPG calls
2022-02-18 00:00:36
osv
osv
CVE-2022-24953
2022-02-17 05:15:09
Crypt_GPG does not prevent additional options in GPG calls
2022-02-18 00:00:36
cve
cve
CVE-2022-24953
2022-02-17 05:15:09
debiancve
debiancve
CVE-2022-24953
2022-02-17 05:15:09
redhatcve
redhatcve
CVE-2022-24953
2022-05-20 22:54:44
nvd
nvd
CVE-2022-24953
2022-02-17 05:15:09
prion
prion
Code injection
2022-02-17 05:15:00
cvelist
cvelist
CVE-2022-24953
2022-02-17 04:22:05
ubuntucve
ubuntucve
CVE-2022-24953
2022-02-17 00:00:00