Vulnerabilities > Gnupg > Gnupg > 1.4.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-12-20 | CVE-2013-4576 | Credentials Management vulnerability in Gnupg GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. | 2.1 |
2013-10-28 | CVE-2013-4402 | Improper Input Validation vulnerability in multiple products The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. | 5.0 |
2006-06-19 | CVE-2006-3082 | Numeric Errors vulnerability in Gnupg parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. | 5.0 |