Unrated severityNVD Advisory· Published Oct 28, 2013· Updated Apr 29, 2026
CVE-2013-4402
CVE-2013-4402
Description
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
Affected products
29cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.14:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:gnupg:gnupg:2.0.21:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.htmlnvdVendor Advisory
- lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.htmlnvdVendor Advisory
- www.ubuntu.com/usn/USN-1987-1nvdVendor Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvd
- lists.opensuse.org/opensuse-updates/2013-10/msg00020.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-10/msg00025.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-1459.htmlnvd
- www.debian.org/security/2013/dsa-2773nvd
- www.debian.org/security/2013/dsa-2774nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.