rpm package
suse/gpg2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4
pkg:rpm/suse/gpg2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-34903 | — | < 2.0.24-9.11.1 | 2.0.24-9.11.1 | Jul 1, 2022 | GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. | ||
| CVE-2019-13050 | — | < 2.0.24-9.8.1 | 2.0.24-9.8.1 | Jun 29, 2019 | Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent |
- CVE-2022-34903Jul 1, 2022affected < 2.0.24-9.11.1fixed 2.0.24-9.11.1
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
- CVE-2019-13050Jun 29, 2019affected < 2.0.24-9.8.1fixed 2.0.24-9.8.1
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent