VYPR

Gnupg

by Gnupg

Source repositories

CVEs (43)

  • CVE-2001-0071Feb 12, 2001
    risk 0.00cvss epss 0.00

    gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.

  • CVE-2001-0072Feb 12, 2001
    risk 0.00cvss epss 0.02

    gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.

  • CVE-2000-0974Dec 19, 2000
    risk 0.00cvss epss 0.03

    GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.

Page 3 of 3