Gnupg
by Gnupg
Source repositories
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0071 | 0.00 | — | 0.00 | Feb 12, 2001 | gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. | |||
| CVE-2001-0072 | 0.00 | — | 0.02 | Feb 12, 2001 | gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. | |||
| CVE-2000-0974 | 0.00 | — | 0.03 | Dec 19, 2000 | GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. |
- CVE-2001-0071Feb 12, 2001risk 0.00cvss —epss 0.00
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
- CVE-2001-0072Feb 12, 2001risk 0.00cvss —epss 0.02
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.
- CVE-2000-0974Dec 19, 2000risk 0.00cvss —epss 0.03
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
Page 3 of 3