pear/crypt_gpg is vulnerable to privilege escalation. The vulnerability exists in GPG.php
file because there are no end-of-option markers before operation arguments allowing remote attackers to parse additional options during external calls to the library.
CPE | Name | Operator | Version |
---|---|---|---|
pear/crypt_gpg | le | v1.6.6 | |
php-crypt-gpg:sid | eq | 1.6.0-1 | |
pear/crypt_gpg | le | v1.6.6 | |
php-crypt-gpg:sid | eq | 1.6.0-1 |