Search CVE reports
1 – 6 of 6 results
CVE-2019-6690
Medium prioritySome fixes available 5 of 12
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be...
1 affected package
python-gnupg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-gnupg | Not affected | Vulnerable | Vulnerable | Fixed | Fixed |
CVE-2018-12020
Medium prioritySome fixes available 23 of 40
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the...
5 affected packages
enigmail, gnupg, gnupg1, gnupg2, python-gnupg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| enigmail | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| gnupg | Not in release | Not in release | Not in release | Not in release | Fixed |
| gnupg1 | Not affected | Not affected | Not affected | Vulnerable | Not in release |
| gnupg2 | Fixed | Fixed | Fixed | Fixed | Fixed |
| python-gnupg | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2014-1929
Medium prioritypython-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for...
1 affected package
python-gnupg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-gnupg | — | — | — | — | — |
CVE-2014-1928
Medium priorityThe shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\"...
1 affected package
python-gnupg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-gnupg | — | — | — | — | Not affected |
CVE-2014-1927
Medium prioritySome fixes available 1 of 6
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using...
1 affected package
python-gnupg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-gnupg | — | — | — | — | Not affected |
CVE-2013-7323
Medium prioritySome fixes available 1 of 6
python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
1 affected package
python-gnupg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-gnupg | — | — | — | — | Not affected |